CPTS Certified - Review
The Certified Penetration Testing Specialist (CPTS) is the entry-level certification offered by Hack The Box as part of their Penetration Testing career path. Despite being labeled “beginner,” this cert packs a serious punch. It covers a broad range of attack paths and techniques with a ton of hands-on content.
Just finishing the course is an achievement. It’s packed with challenges that force you to apply what you’ve learned. The exam? It’s a great way to put your skills to the test after months of grinding, note-taking, and pwning boxes.
My Experience
The exam was a ride from start to finish. I hit 40% in the first three days, then hit a wall and floundered for the next two. Eventually, I broke through and pushed forward—but just when I was about to submit my report, with two minutes left on the clock, Hack The Box went down.
Yeah. Brutal.
After a few hours of support tickets and waiting, they gave me another attempt—just to re-enter the flags and get the points. Here’s proof of how close I was:
Background
I’ve been working as a pentester for nearly three years (2 full-time, 1 part-time), and in cyber for over four. Even with that experience, CPTS was incredibly valuable. It helped solidify fundamentals and gave me hands-on practice with scenarios I hadn’t seen before.
The course covers:
- Web application testing
- Network testing
- Active Directory testing
- Privilege Escalation
- Documentation and reporting
If you’re less than 3 years into your pentesting career, I highly recommend it. It’s a strong foundation builder.
The Big Exam
Calling the exam easy doesn’t tell the whole story. Technically, it’s not overly difficult—but that’s not the point. The challenge lies in your methodology, tool usage, and data interpretation.
The Active Directory (AD) environment is large and noisy. It’s easy to get lost in the weeds. You need a solid process from the start to avoid wasting time chasing dead ends.
For me, reporting was the toughest part. Not because I hate documentation—in fact, I take too many screenshots, and try too hard to make them look nice. My problem? They were unorganized. I ended up retaking all my screenshots during the final days just to make sense of them.
Tips for the Exam
Here are the raw tips I wish I’d followed more strictly:
- Document everything, clearly and in order. Write down the commands you run and what they do. Cheat sheets help, but short, well-labeled steps are better. Future-you will thank you.
- Tools won’t always give you the answers. Learn to interpret raw output. Don’t just run tools—understand what they’re telling you. That skill is gold in both the exam and real-world pentests.
- Automate repetitive tasks. Save time and brainpower. Write scripts to run Gobuster on all HTTP servers, or automate routine recon steps.
- Use Zenmap. Run your nmap commands, then load the output into Zenmap for clean, centralized viewing. It’s a massive timesaver.
- Pivot with Ligolo-ng. It’s fast and simple. These are the commands I used after the connection was received:
1 2 3
ligolo > interface_create --name pivot1 ligolo > route_add --name pivot1 --route x.x.x.x/24 ligolo > tunnel_start --tun pivot1
- Stuck? Simplify. Try a different method. If a technique or exploit fails, try another approach before moving on. Sometimes it’s not the vulnerability—it’s the method.
- Use Sysreptor ahead of time. Set up your report structure before the exam. Import templates from other tools. If you can, take notes like you’re already writing the report. It will cut your reporting time in half.
- Relax. Seriously. Take breaks. Come back fresh. You’ll think clearer and solve faster.
If you’re reading this before your exam: Good luck. Stay sharp, stay calm, and don’t overthink it. You got this.