Hack The Box Certified Bug Bounty Hunter (CBBH) Review

7 months ago 73
BOOK THIS SPACE FOR AD
ARTICLE AD

Josselin Poupeney

I started the training in January 2024, and I had already completed the introduction modules, so I skipped them. After seeing some reviews that suggested the academy modules alone might not be enough to pass the exam, I decided to go through every module of the HTB Academy and practice them with PortSwigger Academy

I also bought two courses from Rana Khalil, who does a fantastic job explaining attacks and demonstrating them. The courses I bought are:

https://www.udemy.com/course/mastering-sql-injection-the-ultimate-hands-on-course/https://www.udemy.com/course/mastering-command-injection-the-ultimate-hands-on-course/

I suggest taking these courses in addition to the HTB Academy modules. What I did was first complete the PortSwigger Academy course to become comfortable with the topic, and then I went through the modules. This method really helped me during the HTB modules

Others PortSwigger Academy course I did:

https://portswigger.net/web-security/file-upload#what-are-file-upload-vulnerabilitieshttps://portswigger.net/web-security/ssrf#what-is-ssrfhttps://portswigger.net/web-security/server-side-template-injection#what-is-server-side-template-injectionhttps://portswigger.net/web-security/xxe#what-is-xml-external-entity-injection

Overall, the HTB Academy training was great. It taught me a lot of things and challenged me. I cannot recommend this training enough to someone interested in web pentesting/bug bounty

I cannot discuss the exam content, but the exam environment was super interesting, and challenging!

I encountered some stability issues during the exam, so I reached out to support. They were great and added extra time to compensate for the issues. If you encounter stability issues during the exam, send them a message and be patient they will take care of this

I was able to achieve a passing score on the exam in 3 days. I dedicated 10 hours per day. You have 7 days to achieve a passing score of 80 and upload your report, so you have more than enough time. For the report, I used the CBBH template for SysReptor (see more here). It saved me a lot of time during the report-writing.

Take notes! This is super important. Create your own cheat sheet that you can refer to during the examDon’t overlook topics, every topics from the Academy role path are important, make sure you understand themMake a blog, it can help you having a better understanding of the topicsDuring the exam, remember to take breaks and get enough sleep. You have ample time; there’s no need to rush

I hope this can help you in your CBBH journey. If you have any questions, don’t hesitate to reach out to me on LinkedIn

Read Entire Article