# CBBH

![](https://410895813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MlKjYaxo0rpR2Jsapi3%2Fuploads%2FzGXF5RNI9UGMginNtbIi%2Fimage.png?alt=media\&token=d48bde3e-08b1-4c8e-a194-9b0bc1b7e8da)

![](https://410895813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MlKjYaxo0rpR2Jsapi3%2Fuploads%2FbLfHIJCVWJbkCOFzDuv7%2Fimage.png?alt=media\&token=3da3b28e-e0e6-485f-868d-0586bf3ed313)

Cost = 1410 cubes

**Exam:**

attack multiple websites \
write report + submit\
10 flags = 100 points\
85/100 to pass (so +- 8 or 9 flags)\
admin access or RCE

1. There are multiple ways to get in, so don't stay stuck on one for too long
2. Use HTB Academy's search feature
3. Schedule a start time that gives you plenty of uninterrupted time
4. Take screenshots and write notes as you go to save time on report writing


## Preparing for the CBBH exam <a href="#a161" id="a161"></a>

After completing the training path, it’s essential to practice and apply one's knowledge to real-world scenarios. One of the best ways to do this is by utilizing HTB's Academy X HTB labs feature, which offers a wide range of labs to test your skills. One can also take on web security challenges from PortSwigger’s Web Academy to further hone your skills and solidify your understanding of web security concepts.

Challenges which might be super helpful:

1. OWASP Top 10 track on Hack The Box <https://app.hackthebox.com/tracks/OWASP-Top-10>
2. Akerva fortress from Hack The Box <https://app.hackthebox.com/fortresses/2>
3. Also look at boxes like:

[BountyHunter](https://app.hackthebox.com/machines/BountyHunter) - **done**

[Horizontall](https://app.hackthebox.com/machines/Horizontall) - **done** to user

![](https://410895813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MlKjYaxo0rpR2Jsapi3%2Fuploads%2F9j0iV7a2gjWzcA9GyysM%2Fimage.png?alt=media\&token=6c9c353c-6938-41fb-9684-45565f2a5726)

[Academy](https://app.hackthebox.com/machines/Academy) - **done**

[Meta](https://app.hackthebox.com/machines/Meta)

[Forge](https://app.hackthebox.com/machines/Forge) - **done user flag**

[Nineveh](https://app.hackthebox.com/machines/54) - **done**

More machines mentioned:\
backdoor - WP\
apocalyst - WP\
tenet - WP\
~~Steamcloud~~\
~~Ransom~~

4. Have a look at the labs on [PortSwigger](https://portswigger.net/web-security/all-labs) Web Academy.

HTML Character encoding\
<https://www.w3schools.com/tags/ref_urlencode.ASP>

![](https://410895813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MlKjYaxo0rpR2Jsapi3%2Fuploads%2FOh9Vkt5SYZ6o8bzWyFqW%2Fimage.png?alt=media\&token=5ee3c1af-5192-47b9-8e01-448bbf79c81e)

![](https://410895813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MlKjYaxo0rpR2Jsapi3%2Fuploads%2FI4i1xsMhbwZTDBeljqhQ%2Fimage.png?alt=media\&token=0d49cda2-ee79-4087-8126-509a886e4695)

![](https://410895813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MlKjYaxo0rpR2Jsapi3%2Fuploads%2FmjasyRXAoNrMOcz2JLfl%2Fimage.png?alt=media\&token=725002ac-c42a-4af0-9ae1-e47183f903fc)

![](https://410895813-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MlKjYaxo0rpR2Jsapi3%2Fuploads%2F3o9mrH4r1VNen8vQuiZp%2Fimage.png?alt=media\&token=1ea91a8b-9570-404b-a149-fdb1a04048db)
