Skip to main content

About this project

rootea.es (formerly HTB Writeups Hub) was born as an open-source directory aggregating verified writeup links for retired Hack The Box machines. Today it’s something more: a complete learning system for pentesters who refuse to settle for “just solving machines”.

What you’ll find here

200+ HTB machines

Full catalog of retired machines with HTTP-validated writeups by S4vitar, El Pingüino, 0xdf, and IppSec.

Level Up

Tactical glossary (100+ terms), professional methodology, report template, curated resources, professional web recon.

Advanced specialization

AD CS · Cloud Pentest · LLM Security · Modern Red Team · Bug Bounty. Each page with 500+ lines of content updated 2024-2026.

OSCP+ Roadmap

30 curated machines + official OSCP+ 2024 changes + professional checklist per machine.

Who maintains it

Open-source project maintained by the community. The code and catalog live at github.com/FFuson/HTB_Writeups. Anyone can contribute via Pull Request:
  • Report a dead link: the pipeline catches them weekly, but an issue speeds things up.
  • Propose a new whitelisted author: dedicated issue template available on GitHub.
  • Add a skill to the glossary: same, template available.

Original purpose — and current purpose

Original (2024): HTB documentation was scattered across hundreds of blogs, YouTube channels, and ephemeral Medium posts. The hub solved the fragmentation problem. Current (2026): training platforms (HTB, TryHackMe, OffSec) produce operators. They don’t produce professional auditors. Missing: methodology, corporate language, awareness of defensive footprint, and the connection between technique and report. This hub fills that gap. That’s why content evolved toward sections like Methodology, Report template, and the advanced blocks (AD CS, Cloud, LLM, Red Team, Bug Bounty).

What we are NOT

  • We don’t host writeup content. Only links to original authors.
  • We don’t publish hints for active machines. Zero exceptions.
  • We don’t editorialize on machines: if it has 4 validated writeups, we show all 4. Selection is up to the reader.
  • We don’t replace training platforms (PortSwigger, TryHackMe, TCM PEH). We complement them with professional methodology and Spanish-language content.

Contact

All communication flows through GitHub: Hack The Box is a registered trademark of Hack The Box Ltd. This project is not affiliated with HTB nor with any of the listed authors (S4vitar, El Pingüino de Mario, 0xdf, IppSec). It only links to material they have publicly published under their respective licenses. If you are one of the authors and wish your material to be removed, open an issue and it will be taken down the next day.