Awesome video, thank you so much. I recently failed my first attempt [5/12] flags, though I average about one flag per day. Flag 6 single-handedly killed my attempt. To be honest I’m kind of at a loss on how I can prepare other than improve my methodologies and review the course material. I’m just trying to figure out what’s the difference(s) between me, someone who failed, and those who pass. More importantly I need to then figure out how I can improve in that area the fastest way possible. If anybody has any advice or tips on how I should prepare for my next attempt I’d greatly appreciate it! Thanks again everyone, have a great day!
Hey bro, I can 100% personally understand you. I have been in the exact same position with CBBH. My suggestion would be to do a hard reset like fr..... I meant try something new. Don't try one attack or technique over and over again. If possible try to skip that attack path and look out for another one. Also everything in the exam is from the CPTS path itself so try to revise those modules. BTW HTB should provide you with a list of modules to look at in your exam result.
First of all, congrats on passing! I'm going to take the exam really soon here and have a few questions if you don't mind answering. Are we gonna have like multiple "sub flags" or is it just like get 1 flag? If we get stuck on a box, can we move on to the next box? Can I just use ligolo only for pivoting/tunneling? Are all necessary wordlists provided, do we need to do outside research for wordlists/default creds? Was there password mutation? Was there any external OSINT? Does it include using debugger and exploiting thick client stuff? How much of the exam is web application attacks? What would you say are the most important topics to know?
Hey, thanks :) There are 14 flags in total. Yup if you get stuck you can't move further. Yeah ligolo-ng is great! I don't really remember about password wordlist. I am not sure if I can answer the external OSINT part (Remember CPTS exam only covers topics mentioned in HTB CPTS PATH). Can't reveal much about the exam. I would say active directory.
It would be cool to get another CPTS list, subscribed to get the notification. I agree with many of the points, especially the lack of any video material. Though in the modules they sometimes recommend presentations from different cybersec conferences, like the one they did for Kerberoast. It would be nice if they did this for all topics though, not just a few.
Hey m8, I can't say much about CRTP as I haven't pursued it myself. Also, both certifications focus on different areas. CRTP primarily deals with Active Directory (AD), whereas CPTS covers pentesting including AD and web applications.
Use my affiliate link: hacktheboxltd.sjv.io/Gmvygk to sign up for HTB CPTS Cert!!! You can follow IppSec's unofficial CPTS playlist to practice: ru-vid.com/group/PLidcsTyj9JXItWpbRtTg6aDEj10_F17x5&si=QbE0n4-Mjpy_880v. Use the timestamp to jump to a specific section.
Timecode:
00:00 - Up Next
01:35 - Whoami
04:05 - CPTS Requirements
06:45 - What Should I Do If I Am Just Starting Out?
11:13 - Pricing
14:39 - My Journey with CPTS Path
19:30 - Reviewing HTB CPTS Path
33:46 - Tips for Studying for CPTS
43:03 - Talking About CPTS Exam Itself
57:34 - Outro
Regarding the flag system, is it figurative or literal? Will I actually find a string that I need to submit to get points, or is gaining admin access or RCE considered capturing the flag? Regarding Privilege Escalation, typically in HTB machines, you find a vulnerability on the website that leads to a low-level shell (RCE), and then you use privilege escalation techniques, like using LinPEAS, to achieve root privileges. Is this the case in the CBBH exam, so I can focus on practicing Privilege Escalation techniques?
Hey m8, You will get the flag string after completing the X attack or X question on the exam. Regarding HTB machine.......You just need to focus on initial shell. In CBBH you don't need to perform any local privilege escalation.
Great overview, I might go do Dante shortly. Been following you on Twitter for a while and now I have all this RU-vid content to binge! Do you have a Discord btw?
Hey, thanks buddy for introducing this tool to make reports! Like, I had made a VAPT report on Word and it took me around 4-5 days to make a report of 75 pages 😅