HackTheBox CPTS Certification

My Journey to the CPTS by HackTheBox

1/13/20222 min read

HTB CPTS: Certified Penetration Testing Specialist

I recently enrolled in the CPTS path to eventually gain the CPTS certification by HackTheBox.

When you’re setting up your social media accounts, check that you can use the same or a very similar version of your website’s domain as your account handle. This will make it easier for your audience to remember you, no matter which platform you’re using.

How much is it?

I chose the $38 a month US Dollar monthly subscription that comes with 500 cubes. Cubes are the currency used to purchase modules for the Pentester path. They range from 5 or 10 cubes onwards. Depending on the module the cube value can go up or down. You also get 1 month of Pownbox which is their own ParrotOS version for HackTheBox in the cloud used to complete the given challenges after each exercise.

How long do you have to take the final exam?

This depends on your experience and how many hours a day you set aside to study for the CPTS Exam. If you don't work full time you obviously have a better chance of finishing quicker than someone who works a 9 t o5 job.

You should realistically set aside a few hours a day to complete the modules and take notes. The longer you study the quicker you will be ready for the final exam.

How long do you have to take the final exam?

The HTB website states that you have 7 days to take the exam and finish writing your report and have it sent in. Even if you don't finish the exam make sure you write the report so you can keep the free 2nd voucher you receive when purchasing the CPTS exam.

HackThebox Logo
HackThebox Logo

Penetration Testing Process

Getting Started

Reconnaissance Enumeration & Attack Planning

Network Enumeration with Nmap


Information Gathering - Web Edition

Vulnerability Assessment

File Transfers

Shells & Payloads

Using the Metasploit Framework Exploitation & Lateral Movement

Password Attacks

Attacking Common Services

Pivoting, Tunneling, and Port Forwarding

Active Directory Enumeration & Attacks Web Exploitation

Using Web Proxies

Attacking Web Applications with Ffuf

Login Brute Forcing

SQL Injection Fundamentals

SQLMap Essentials

Cross-Site Scripting (XSS)

File Inclusion

File Upload Attacks

Command Injections

Web Attacks

Attacking Common ApplicationsPost-Exploitation

Linux Privilege Escalation

Windows Privilege Escalation Reporting & Capstone

Documentation & Reporting Attacking Enterprise Networks

Attacking Enterprise Networks

27 Modules of CPTS