Skip to content
/ Ultimate-CPTS-Walkthrough Public
forked from xiyusec/Ultimate-CPTS-Walkthrough

All key information of each module and more of Hackthebox Academy CPTS job role path. Solutions and walkthroughs for each question and each skills assessment.

0 stars 31 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

shironigun/Ultimate-CPTS-Walkthrough

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

98 Commits
HTB-Academy
HTB-Academy
 
 
HTB-Machines
HTB-Machines
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

Ultimate-CPTS-Walkthrough

This repository will encompass all Hack The Box Academy modules of "Certified Penetration Testing Specialist" job role path. Here you will find everything that will help you to ace your CPTS exam, including all walkthroughs of all modules, all skills assessments, as well as some tips and most useful commands and techniques which I use myself. Although the HTB CPTS job role path consists of 28 modules, but I also included some additional ones, which in my opinion will help to get better understanding of the whole process and cover all topics. Here is what a layout of modules looks like, divided into phases of a real penetration test:

Introduction & General Knowledge:

  1. Penetration Testing Process
  2. Getting Started
  3. Introduction to Networking
  4. Linux Fundamentals
  5. Windows Fundamentals
  6. Introduction to Windows CLI
  7. Introduction to Active Directory
  8. Introduction to Web Applications
  9. Web Requests

Reconnaissance, Enumeration & Attack Planning

  1. Network Enumeration with NMAP
  2. Footprinting
  3. Information Gathering - Web Addition
  4. Vulnerability Assessment
  5. File Transfers
  6. Shells & Payloads
  7. Using the Metasploit Framework

Exploitation & Lateral Movement

  1. Password Attacks
  2. Attacking Common Services
  3. Pivoting, Tunneling, and Port Forwarding
  4. Active Directory Enumeration & Attacks

Web Exploitation

  1. Using Web Proxies
  2. Attacking Web Applications with Ffuf
  3. Login Brute Forcing
  4. SQL Injection Fundamentals
  5. SQLMap Essentials
  6. Cross-Site Scripting (XSS)
  7. File Inclusion
  8. File Upload Attacks
  9. Command Injections
  10. Web Attacks
  11. Attacking Common Applications

Post-Exploitation

  1. Linux Privilege Escalation
  2. Windows Privilege Escalation

Reporting & Capstone

  1. Documentation & Reporting
  2. Attacking Enterprise Networks

This path can be adjusted according to your level of knowledge and previous experience. If you are a complete beginner, I think that this path is just for you. If you are an advanced specialist, you can skip some introduction modules where necessary. Also, if you conduct a black box pentest, then you can swap Exploitation & Lateral Movement and Web Attacks modules, as in black box pentest you only have some IP addresses, domains and usually you start by testing web application and exploiting vulnerabilities there, which then, will give you access to the internal part (Active Directory as an example)

About

All key information of each module and more of Hackthebox Academy CPTS job role path. Solutions and walkthroughs for each question and each skills assessment.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published