Getting Started¶

This guide will help navigate the documentation.

Prerequisites¶

Basic Cybersecurity Knowledge: Understanding of networking, operating systems, and security fundamentals
HTB Academy Account: Active subscription to access modules and labs
Study Environment: Virtual machines for hands-on practice
Time Commitment: Dedicated study schedule (recommended 10-15 hours per week)

Brief Overview of Certifications

CPTS - Certified Penetration Testing Specialist¶

Best for: Aspiring penetration testers and red team professionals

Prerequisites: - Strong Linux/Windows command line skills - Basic networking knowledge - Understanding of web technologies

Time Investment: 6-12 months of dedicated study

CBBH - Certified Bug Bounty Hunter¶

Best for: Web application security enthusiasts and bug bounty hunters

Prerequisites: - Web development fundamentals (HTML, JavaScript, HTTP) - Basic understanding of web vulnerabilities - Familiarity with Burp Suite or similar tools

Time Investment: 4-8 months of dedicated study

CDSA - Certified Defensive Security Analyst¶

Best for: SOC analysts and defensive security professionals

Prerequisites: - Log analysis experience - Understanding of network protocols - Familiarity with SIEM tools

Time Investment: 4-8 months of dedicated study

Study Strategy¶

1. Structured Learning Path¶

Start with foundational modules
Complete hands-on labs for each module
Document your learning and create notes
Practice skills assessments

2. Hands-On Practice¶

Set up dedicated lab environment
Practice techniques on vulnerable applications
Build a methodology for each skill area
Document your processes

3. Exam Preparation¶

Review all module notes
Complete practice scenarios
Time management practice
Report writing skills

Essential Tools¶

General Tools¶

VMware/VirtualBox: For running virtual machines
Kali Linux: Primary penetration testing distribution
Note-taking app: Obsidian, Notion, or similar
Screen capture tools: For documentation

CPTS-Specific Tools¶

Burp Suite Professional: Web application testing
Nmap: Network scanning and enumeration
Metasploit: Exploitation framework
PowerShell Empire: Post-exploitation

CBBH-Specific Tools¶

Burp Suite Professional: Essential for web testing
OWASP ZAP: Free alternative to Burp
Custom scripts: Automation and efficiency
Browser extensions: For testing assistance

CDSA-Specific Tools¶

Splunk: Log analysis and SIEM
Wireshark: Network traffic analysis
Volatility: Memory analysis
YARA: Malware detection

Documentation Best Practices¶

Note-Taking Guidelines¶

Organized Structure: Follow the certification module structure
Command Documentation: Include exact commands with context
Screenshots: Capture important steps and results
Methodology: Document your systematic approach
Lessons Learned: Record insights and improvements

Lab Documentation¶

Objective: Clear statement of what you're trying to achieve
Reconnaissance: Information gathering phase
Exploitation: Step-by-step attack execution
Post-Exploitation: Privilege escalation and persistence
Remediation: How to fix discovered issues

Exam Preparation Tips¶

Time Management¶

Create a realistic study schedule
Set milestone checkpoints
Practice under time pressure
Balance theory with hands-on practice

Technical Preparation¶

Master your toolkit
Develop consistent methodology
Practice report writing
Build troubleshooting skills

Mental Preparation¶

Stay organized and focused
Take regular breaks
Join study communities
Maintain work-life balance

Additional Resources¶

Community Resources¶

HTB Academy Discord: Connect with other students
Reddit Communities: r/HackTheBox, r/netsec
YouTube Channels: IppSec, John Hammond, LiveOverflow
Twitter: Follow cybersecurity professionals

Practice Platforms¶

Hack The Box: Additional practice machines
TryHackMe: Beginner-friendly labs
VulnHub: Downloadable vulnerable VMs
PortSwigger Web Security Academy: Free web app security training