I’m pretty new to HTB, CTFs, and pentesting in general, so please forgive me if this question is dumb.
Looking at the “Active” (non-retired) easy/medium boxes, there are a grand total of 0 Windows boxes right now. Is this the norm? Does it simply reflect what is to be expected in real-world pentesting scenarios? I honestly do not know.
I was thinking, especially with the recent changes to OSCP where an Active Directory environment is 40% of your score, that there would be more Windows boxes available. Even if they weren’t full AD environments, some AD-adjacent technologies (SMB, PowerShell, etc.) would be relevant and useful, I’d expect.
I realize that there are many retired Windows boxes and I have been working through them. I’m just curious to know what the mix of “Active” machines usually looks like in this regard. Are we instead meant to tackle things like the Pro Labs for AD experience?
Is there shortage of Windows box creators?
Let me know what you think.