CBBH

HTB's Certified Bug Bounty Hunter certification. Some modules overlap with CPTS.

Cost = 1410 cubes

Exam:

Attack multiple websites, write report + submit 10 flags = 100 points. 85/100 to pass (so +- 8 or 9 flags). Admin access or RCE.

  1. Multiple ways to get in, don't stay stuck for too long

  2. Use HTB Academy's search feature

  3. Schedule a start time which gives you plenty of uninterrupted time

  4. Take screenshots and write things down as you go to save time on report writing

Preparing for the CBBH exam

After completing the training path, it’s essential to practice and apply one's knowledge to real-world scenarios. One of the best ways to do this is HTB's Academy X HTB labs feature, which offers a wide range of labs to test your skills. One can also take on web security challenges from PortSwigger’s Web Academy to further hone your skills and solidify your understanding of web security concepts. Challenges which might be super helpful:

  1. OWASP Top 10 track on Hack The Box https://app.hackthebox.com/tracks/OWASP-Top-10

  2. Akerva fortress from Hack The Box https://app.hackthebox.com/fortresses/2

  3. Also look at boxes like:

BountyHunter - done

Horizontall - done to user

Academy - done

Meta

Forge - done user flag

Nineveh - done

More machines mentioned:

Backdoor - WP

Apocalyst - WP

Tenet - WP

SteamCloud

Ransom

  4. Have a look at the labs on PortSwigger Web Academy.

HTML Character encoding https://www.w3schools.com/tags/ref_urlencode.ASP
