About this project
rootea.es (formerly HTB Writeups Hub) was born as an open-source directory aggregating verified writeup links for retired Hack The Box machines. Today it’s something more: a complete learning system for pentesters who refuse to settle for “just solving machines”.What you’ll find here
200+ HTB machines
Full catalog of retired machines with HTTP-validated writeups
by S4vitar, El Pingüino, 0xdf, and IppSec.
Level Up
Tactical glossary (100+ terms), professional methodology,
report template, curated resources, professional web recon.
Advanced specialization
AD CS · Cloud Pentest · LLM Security · Modern Red Team ·
Bug Bounty. Each page with 500+ lines of content updated
2024-2026.
OSCP+ Roadmap
30 curated machines + official OSCP+ 2024 changes +
professional checklist per machine.
Who maintains it
Open-source project maintained by the community. The code and catalog live at github.com/FFuson/HTB_Writeups. Anyone can contribute via Pull Request:- Report a dead link: the pipeline catches them weekly, but an issue speeds things up.
- Propose a new whitelisted author: dedicated issue template available on GitHub.
- Add a skill to the glossary: same, template available.
Original purpose — and current purpose
Original (2024): HTB documentation was scattered across hundreds of blogs, YouTube channels, and ephemeral Medium posts. The hub solved the fragmentation problem. Current (2026): training platforms (HTB, TryHackMe, OffSec) produce operators. They don’t produce professional auditors. Missing: methodology, corporate language, awareness of defensive footprint, and the connection between technique and report. This hub fills that gap. That’s why content evolved toward sections like Methodology, Report template, and the advanced blocks (AD CS, Cloud, LLM, Red Team, Bug Bounty).What we are NOT
- We don’t host writeup content. Only links to original authors.
- We don’t publish hints for active machines. Zero exceptions.
- We don’t editorialize on machines: if it has 4 validated writeups, we show all 4. Selection is up to the reader.
- We don’t replace training platforms (PortSwigger, TryHackMe, TCM PEH). We complement them with professional methodology and Spanish-language content.
Contact
All communication flows through GitHub:- Issues / contributions: GitHub Issues.
- DMCA or takedown requests: open a public issue tagged
legal. - Open discussion: GitHub Discussions.