2023-06-25

cpts review and guide

CPTS Review and Guide

after a few years since i got the oscp in 2021 and a ton of other certs, i decided to start writing reviews and personal guides to how others can succeed.

what is the cpts

the cpts or certified penetration testing specialist is a certification course offered by hackthebox. it focueses on penetration testing with very little known vulnerabilites. the point is to be able to idenitify misconfigurations and exploit vulnerabilites by truly understanding the software, without having to rely on someone elses work.

this really focuses on honing a users skill at identifying flaws and vulnerabilites in web applications and active directory environments.

the content

the conent is absolutely amazing, it is self paced; however, you have to compelete it. you have to complete 20 modules or so at the time i took the course before being able to attempt the exam. this content is in the form of modules that have submodules that build the skillset from the ground up. this allows someone to start at a newbie level and build up to an intermediate level with any sort of vulnerability. this content is absolutely ground breaking when it comes to the current market.

This cert competes with offsec and imo it beats it out completely. It is updated daily so you aren’t stuck with a 2021 exam and course and waiting for a pdf update. the course work is generally much more challenging and requires a lot more thought. you really change your mentality to “whats that CVE?” to “can i find a CVE?”. this change in mentality is crucial to increasing your skill as a hacker.

the exam

10 day exam, with an idk how long report writing period. again very nice environment, with the goal of admin on most of the machines. it is honestly a very fun lab, so far the most challenging exam ive done.

who should get the cpts

anyone that wants to really really get good at pentesting should take this course. someone whos been aroudn the block will still struggle. as an oscp holder i was still having trouble, even when finishing the exam in half the time alotted, it still felt at times like i won’t pass the exam.

how to prep

do hack the box

do all the modules, multiple times over. i had to do all the modules twice. i did them the first time around then went back after finishing them all and did the skill assessments again which are mini exams at the end of each module. this helped me freshen up the older content as the new content usually pushes those out of my brain. same as the cbbh.

use the search feature

while taking the exam, you can use academy’s search feature to search whatever you like from the course. so if you see and lfi for example you can search lfi and see the many techniques that they teach very quickly. same as the cbbh

use iredteam

iredteam is a site held by what i like to call a genius @spottheplanet or more accurately Mantvydas Baranauskas.

it is a ton of notes about everything red team and frankly, it will help you on the exam.

conclusion

get the cert, its fun, challenging, and rewarding all at the same time.

best, gerbsec