My Guide to HTB’s CPTS Course/Exam
HTML-код
- Опубликовано: 3 авг 2024
- Recently I passed the CPTS exam by HackTheBox. In this video I discuss my experience with the course and exam, as well as how it differs from the OSCP.
HTB Discord: / discord
Chapters:
0:00 Introduction
0:29 The Course
3:35 The Exam
5:38 The Report
8:11 Tips & Tricks
11:46 FAQ: How does CPTS compare to OSCP?
18:55 Outro
Background Music:
Airport Lounge - Disco Ultralounge by Kevin MacLeod is licensed under a Creative Commons Attribution 4.0 license. creativecommons.org/licenses/...
Source: incompetech.com/music/royalty-...
Artist: incompetech.com/
Well done! I just finished OSCP and am starting the course modules . I think you are the first person to provide a review on the course. Thank you very much
Other than AD, it doesn’t rly make sense to do CPTS after OSCP
@@80572 More certifications for employers to look at I suppose.
Congrats on passing the OSCP, I have my exam in June
How would you compare the OSCP material to the CPTS?
@@Haxr-dq6wt I've heard a lot of people say that the CPTS is harder and more challenging than the OSCP.
well done man, and thanks for the video
Thanks mate. I've been planning to take this cert after PJPT :)
Nice video mate!
Congrats on the CPTS!
Very nice video! Gives a really good overview of what to expect and also your workflow, keep up the good content!
Great video. I am currently working on the HTB pentester path. Looking forward to take the exam in the future.
Currently busy with the CPTS path and was a bit worried if it would be worth it, you convinced me that it is. Great vid! Thank you!
hey! you cleared it?
Great explanation, I'm also full time penetration tester and to be honest I was struggle with some labs with DNS etc. I will watch this one more time before taking exam because it is a full useful information
very informative, thank you for this!
Congrats ! Thanks a lot for your feedback !
Been waiting for a review on this since I saw it come out. I’m about 42% of the way through the path. Let’s see that CBBH review as well!
Thank you for the information!
Thanks for the video mate
thank you for taking the time to give review - great \o/
Thanks again, I manage to pass my CPTS exam end of 2023, appreciate the content and reviews !
ur amazing bro, god bless you
Bro.. you should keep making videos.. this was 🔥!!. Do share your pentesting knowledge.. i think you have done prettymuch every certs.
Great video, thanks
Thanks a lot. Keep upload more video
Great guide!
This is really good review.
Thnx man!
Great video🎉
Wow, first to pass that's awesome. TOP review, thanks. Also, that is some serious elevator music.
Thank you for including the time limit you have on the exam. I have been trying to look for that info since I started the course. I am excited to complete the course and take the exam. I just wish you could turn off the black background on academy. In my personal experience it makes things hard to read without increasing my screen brightness.
I'm at 40%, and it feels like the endless story movie
Excellent.
Thanks man
Convinced me to go for it.
Certificate - Passing is all good but you have amazing note taking skills :)
You convinced me to sign up.
Looks Like CPTS shows more care for customers ,OSCP shows more care to the money :D
Thank you ... I saw that John Hammond failed and was just like 🥺...considering taking it so anymore advice is much appreciated. Liked and Subbed!!!
John Hammond is not as good as everyone think he is lol
@@smnomad9276 meh idk, I believe he'd be a formidable advisary. He certainly wouldn't be easily to compromise.
@@repairstudio4940 He failed cpts which is roughly the same level as oscp, which is a mid-level certification. Also he has been trying to get OSEE for 2 years now with no results. There are thousands of guys following him that are way more skilled than he is.
Thanks
Is the Time log you show on 05:10 a data dump from another tracking software or is that just your notes entering as you go? - Great video, thanks!
I was waiting for your subjective opinion on which exam is more difficult :) My understanding is that CPTS is more difficult as it covers a lot more stuff (see John Hammond's video) Also, is going through HTB Academy Pentester path + TCP Security Practical Ethical Hacking + HTB machines + Proving Grounds a good preparation for OSCP?
Hi , first of all great video. I want to know about your note taking, I don't want your personal notes. Just want to know the detailed way in which you take notes and if you prefer.
One tip I can provide is when you copy-paste commands for quick use in your notes, replace the "target ip" with $IP in your notes and in your terminal just do export IP="target ip", so you can just paste the commands directly and the "$IP" would replace with the exported target IP in the terminal. When you close that terminal instance it would clear the $IP var.
Thanks, I prefer to use CherryTree just because that's what I started with. In the video is my HackTheBox-specific CherryTree document which is organized by Machines(Easy/Med/Hard), Challenges(Web/Crypto/...), Academy(Modules/Exams). I don't have notes which are for specific things, like one section for SQL injections, I kinda just use 'search all nodes' for what I'm looking for.
@@bmdyy Great , I also use cherryTree , just wanted to know the format you organize your data in, thank you for the reply.
could you make a video to share what is the best way to store all the command line used and credential found?Are there an automated way of doing it or simply just copy and paste whenever a command worked?
hey I just started the CPTS course. So far its going great. Its definitely alot of reading for now. They really are hard about information gathering and covering all aspects of finding all vulnerabilities. How did you organize all your notes, screenshots, found credentials, and commands? Possibly a quick video?
how's your preparation going on?
98 pages!?!?! SHEESH lol. Just picked the course up! I have done PNPT, CRTO, and CRTP. Hoping this can piggy back off of them.
good one
Great video! One small suggestion, your audio is a little low. Maybe bump it up a wee bit.
Thanks for the suggestion, I wasn't sure if it was too quiet or not
thanks for this review i just started the modules and i was wondering if i would pursue the cert at the end. is the cert something that would get you into a job as a pen tester?
The cert is very new / not widely known, so I don't think it would be very likely that you get hired just for having it
nice review and congratulations on pasing the exam.
Thank you!
OSCP might be left in the dust soon. The only reason I say that is, with organizations like HTB and TCM Security putting out certifications that are "realistic" in nature (ALL TOOLS available and actual test environment) it almost puts the OSCP to shame. The OSCP both shines and fails by requiring the 24 hour test and no automated tools available which removes the realism of a penetration test but also helps in forcing you to know how to "live off the land" so to speak. This is, of course, just my two cents.
Let’s fucking gooooo
Wow the first well done!
Can you share your notes? Really liked the way it's formatted
Great video, thank you for the info. Can you point me to the report template?
Hey man, thank you so much for the review. Very informative! I also saw that your notes on Cherrytree look very neat. Please share them with me if possible. I m preparing for the same cert, and I find it very hard to organize my notes
Thank you! I won't share my personal notes because a lot of it is just answers to the module questions and in my opinion using someone else's notes is not nearly as beneficial as creating your own. Personally I organize my notes by creating separate nodes for each module and then writing down all the commands / answers.
You could also do 1 month Platinum and 1 month gold that will give 1500 cubes, rest should come from completing modules.
big congrats on the certification and the video.
Dude I need to ask. If you had done the opposite, first you had studied for the CPTS, with the knowledge of it you can pass the OSCP. Dude, I've already done OSCP 2 times and I'm going to the third exam, my best score was 60 points (no hypocrisies, no examservices dumps of course). I ask all this because I'm thinking about studying for the CPTS and I wanted to take advantage of the knowledge to refine and pass the OSCP too. Do you think it is possible ? thanks man
Hi, I think that the knowledge you gain from completing the CPTS course and exam will certainly help you pass the OSCP. Not to say that the CPTS course only will prepare you for the OSCP exam, but it will definitely supplement your currently knowledge.
CPTS goes further than OSCP. If you do the HTB Academy pentester course first, then get the CPTS, OSCP will be a lot easier.
New Subs here! just a question, I want to shift career into pentesting. I'm just starting my eJPT course and will take the once I get comfortable and learn by heart. after that PNPT or eCPPT but along with that, will you recommend doing the CPTS course for a beginner like me ? can I cope up with the course ? i need your honest opinion thank you
Nice one, clear, concise, and articulate explanation.
One question I have is in regards to time management. how did you manage to work full time, do gym and prepare for the cert?
I’m in a bit of a pickle myself where I’m about to enter a full-time job but I also have training on the side, and to add the CPTS cert on top would be quite deadly.
I’d like to know how you ended up managing everything in sync so that I can apply it to myself 💉
Keep it up with the videos, very informative!
It was not easy, pretty much all the free-time I had went towards studying. I did the whole course in about a month though, if you were to spread it out over a longer period of time it would be quite managable.
Understood, it’s surely been a sacrifice in time as a payment coin. Thanks for answering my inquiry!
Hey,
thanks a lot for the insight.
Do you think the cert is doable if didnt have any other certs or job experience? Do you think the modules prepare you well enough?
Yes can
Can you make a crash course video of particular subjects?
If you were to hire a penetration tester and you had 3 candidates. All 3 have no experience. One has OSCP, one has PNPT, and one has CPTS. Which candidate would you be confident would be able to perform the job with minimal training?
I took the PNPT exam without the course, and I took OSCP 2 years ago (before AD was added). With that in mind, I feel like CPTS taught the most.
hey, one question - in 15:00 you mention ‘there are no labs in CPTS’.. how is one supposed to go about practicing the CPTS content then? do you have to do it in your own home lab? if so, how would you simulate the specific vulnerable environment the module focuses on teaching? thanks!
Do you think CPTS covers most of the CBBH and would be a better option if taking only one of the two exams, or is CBBH way more in-depth for apps? (I know it's for web specifically, but a lot of modules overlap :( ) The real question is, if CPTS has enough web/app info for Bug bounty? Since it's got a broader scope I see it as a better option.
Tbh I'm thinking it might be better to do CBBH and the do CPTS. Alot of CBBH overlaps with CPTS and you'll get a good web foundation you can use for CPTS.
I have many account passwords, tried evim-winrm, psexec... all failed
I don't know what to do next, I may have missed some way to get the shell, I hope you to advise for me
I guess it is the Active Directory penetration knowledge that I have missed. I searched the relevant modules and still have no answer. I saw the mind map you recommended, which is very good.
Hi this is really informative Thanks! Just wanna ask, is it better to buy cubes or just get the Silver Annual subscription that includes exam? ($490)
I believe any subscription ends up being cheaper than buying the cubes directly
@@bmdyy thanks man! will consider this. If you don't mind, may I ask if I can cancel my subscription any time? and if do, does it remove my access to modules? btw, i subbed. :)
Yes you can cancel any time. You maintain access to modules which you completed 100%
@@bmdyy Thanks! I appreciate your fast response.
Hi, is it possible on HTB to cancel a monthly subscription after 3 or 4 months or it's a monthly payment but for a full year ? Because i just need 2000 cubes.
In terms of the training aspect, can you compare/contrast the type of people who may enjoy the training part of PNPT versus that of CPTS?
Hi, I took the PNPT exam without doing the training so I can't really compare the two, sorry
Hey, how has doing the CPTS benefited you in doing the HTB active/retired content?
Excelent video 🎉 cheers is it possible to share your notes? I been looking for notes CPTS. I find more about CISSP than from the CPTS.
You don’t share notes , that’s personal . It also defeats its purpose . You learn while you take notes not stealing someone else’s
Would a 2 cpu cores 4 gb ram vm be enough?
what is the prerequisite for Ctps course? can a fresher with no experience can do it ?
What you think about THM SOC level 1
Does the exam let you into a VM to do the testing or you use your own VM. Also for everyday testing, do you use VMs or a machine with main OS linux?
I use VMs daily, the exam requires you to use your own setup
how many cubes can I get for the monthly student plan?
Hey !! I have a question: I'm very interested in the internet security exams and certificates, but I have a very basic knowledge in coding, do you think it's possible?
Hey, many people in cybersecurity don't know how to code, so even a basic understanding is beneficial. What more important is an understanding of Windows/Linux
@@bmdyy great !!! Thank you for your time to answer 😸🐱😸🐱
How would you compare this in difficulty to PNPT?
Good question. CPTS was harder, and had a larger exam network than the PNPT for sure
Hello, Does this exam have tool restrictions like sqlmap, metasploit, etc, etc just like the OSCP?
No restrictions afaik
Looking at your time log (c. 5:00), I'm guessing that some of those slots are for sleep! (E.g. 01:09-08:07 on day 4.) Were you basically full-time in exam mode during your waking hours, or did you fit the exam in around your day job?
Just as a minor correction, OffSec will now offer feedback on the OSCP exam report. I'm not allowed to share mine: "Sharing OSCP exam feedback details with others is prohibited and will be considered a violation of our academic protocol." However, I'd say that it's less detailed than the feedback you got.
Hi, yes some of the slots are for sleep of course :P I was "almost" full-time exam mode for these days, I did have some things I needed to do for my job.
Hey bro I'm new to pentesting I wanted to ask you what should I start first... The pnpt certification or the cpts
It's really up to your preference, both are aimed at beginners and both cover more or less the same content.
@@bmdyy thank you bro 🙏
could you advise the pre-requisite for taking the CPTS as a complete beginner? is the course provided enough to pass the exam? appreciate your reply bro!@@bmdyy
Do you think CPTS it's enough to get an entry level job ?
Thanks!
thanks a lot. could you share these notes with us?
What the difference between this course and the CBBH course ?
I read somewhere that if you manage CPTS , you should be able to do OSCP without any bigger problems. Do you agree with this?
If yes, does this mean that the CBBH is the equitant to OSWE?
OSWE is a white-box course which focuses on code analysis and CBBH is a black-box approach for bug bounty hunters. They are not equivalent
May I ask how to use genericwrite in ad? I know that I can modify the user password, add spn and get hash, but I have many accounts and passwords but I can’t get the shell. Please advise, thank you
The Bloodhound has a great explanation for this: bloodhound.readthedocs.io/en/latest/data-analysis/edges.html
@@bmdyy thank you
I am planning to have CPTS as a start . If I studied the HTB materials well . will I Pass ?
Is that 41 days fulltime or an hour a day or somewhere in the middle?
Is CPTS harder than OSCP?
if I take CPTS course and exam, I will be prepared enough to take OSCP exam?
can you post your commands file you made?
You can indeed still download the PDF. I just came off of my 4th failure. The exam format is very stressful indeed. You feel the pressure of the clock. I'm taking a break for about a month, but I am thinking about going after the CPTS. The lack of feedback on the OSCP kinda sucks.
What about the AD part of the exam!? It was heavy!?
A large portion of the exam dealt with the various AD techniques taught in the course, I think most attacks taught showed up in the exam although not all led somewhere.
well this looks like hell tbh, the report part in particular. damn it looks so demanding
I'm a lucky guy
I remember when OSCP exam attempts user to be $60 a pop. Sigh
I have taken notes throughout the entire path and I cannot even find the first flag. It's bs.
Why did you stop uploading 😢
PNPT review
Hi guys, has this changed ?
Why you stopped making videos?
Life
@@martinlastname8548he died? 🙄
Really were you the first person to pass this exam?
What about beginners? i think i need more time than 49 days hahaXD
Looking at your wall you are obviously not only certified from top to bottom part have a ridiculous amount of experience I wanted to ask you and I hope you actually see this for someone that is handicapped and can only work from home from all the courses and search Etc would you say that the hack the box would be ideal given that they are highly practical and I believe one of them was in collaboration with heck of one and it doesn't need to be on a resume I guess what I'm saying is from your experience if you strip everything away and you had your standard Security knowledge do you think that those two pathways would allow you to begin working from home at least to begin? If not would you choose a different approach I really appreciate it if you don't answer.
Sure, now stop using my hardware for a dam dart board
Bro turn off this music.
Great vid ! I’m a student and want to start my journey early. Would this be considered a good pathway? given the CPTS is harder than the PNPT.
1. Tryhackme
2. eJPTv1 and/or v2
3. PNPT
4. Hackthebox academy
- CBBH
- CPTS
5. OSCP
( or maybe the OSCP before the CPTS?)
Thanks in advance!
Thanks, I have not taken any eLearnSecurity certs so I can't comment on those, but apart from that the path looks solid.
It's the same path he took
they lost me when they said it was free then expected ppl to pay tryhack me + vulnhub is a much better option