Unofficial Python SDK for the Hack The Box (labs.hackthebox.com) API, reverse-engineered from live traffic.
Project description
htb-sdk
Unofficial, typed Python SDK for Hack The Box —
reverse-engineered from the live labs.hackthebox.com API.
pip install htb-sdk
from htb import HTBClient, Difficulty
htb = HTBClient(token="...") # or set HTB_TOKEN
htb.user.me()
box = htb.machines.list(per_page=1)[0]
htb.machines.spawn(box["id"])
htb.machines.submit_flag(box["id"], "HTB{...}", Difficulty.MEDIUM)
htb.machines.terminate(box["id"])
htb.get("/api/v4/season/list") # raw access to any endpoint
Get an App Token at Profile → Settings → App Tokens on app.hackthebox.com.
17 typed resource namespaces — machines, challenges, sherlocks, fortresses,
prolabs, endgames, tracks, seasons, teams, universities, rankings, user,
connection, pwnbox, tokens, walkthroughs, platform. Full map:
docs/ENDPOINTS.md.
CLI & MCP
Both are auto-generated from the SDK — every method is a command and a tool.
pip install htb-sdk[cli] # Typer CLI
htb machines list --per-page 5 # Rich table
htb machines spawn 351 # write ops too
htb machines list --json | jq . # raw JSON for scripting
htb raw GET /api/v4/season/list # any endpoint
pip install htb-sdk[mcp] # FastMCP server (stdio), reads HTB_TOKEN
htb-mcp # tools: machines_spawn, user_me, …
Docs & examples
Runnable scripts in examples/; full CLI reference in
docs/cli.md. Browse the typed API interactively:
uv sync --group docs && uv run mkdocs serve # http://127.0.0.1:8000
Develop
uv sync --all-groups
uv run pytest # add --e2e for live tests (needs HTB_TOKEN)
The API map is reverse-engineered from real browser traffic + frontend JS;
re-run the pipeline in capture/ when HTB changes their API.
License
MIT
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file htb_sdk-0.2.0.tar.gz.
File metadata
- Download URL: htb_sdk-0.2.0.tar.gz
- Upload date:
- Size: 149.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: uv/0.11.19 {"installer":{"name":"uv","version":"0.11.19","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0ac0af8717a1834b6a8f72603aa4e670161a93716c84f9064096979693796fde
|
|
| MD5 |
e786454488e792e90ba8e66602eda902
|
|
| BLAKE2b-256 |
08e80d0706200683abae2520c1edfdd353d9dad29a95639b8c32a3ce6e00f521
|
File details
Details for the file htb_sdk-0.2.0-py3-none-any.whl.
File metadata
- Download URL: htb_sdk-0.2.0-py3-none-any.whl
- Upload date:
- Size: 34.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: uv/0.11.19 {"installer":{"name":"uv","version":"0.11.19","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"Ubuntu","version":"24.04","id":"noble","libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":true}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
588f552a1be3332c085f8dfe91cc67cec0a4f505c0c6e1fbb02a9094ab5180a4
|
|
| MD5 |
3cccd4994a812373b926216363375b60
|
|
| BLAKE2b-256 |
c727f7f889f9bb3e5b2abbe14b2ada4611cce15ac21f516de789b820ca3e5619
|
