Great vid brother. That's my goal in the next 2-3 months. Since I will be doing mostly 2-3 hours /daily, nothing more, since I'm a bit limited in time. and I also want to take twice as much time to learn everything thoroughly.
Just what I was looking for, seems worth taking at that price point and course content. Thanks for going in depth, answered everything one would need to know.
About the flag system, is it figurativly or actually .Will I actually find a string that I would submit and get the points? Or when i get to the admin or rce then this is considered a flag ? Another thing is Previelege Escalation, typically in htb machine you find a vuln in the website that leads to low level shell (rce ) then you use privilege escalation techniques like using linpeas to achieve root privileges . Is this the case in the cbbh exam so I can go and practice on the Priv Esc techniques ?
Probably a dumb question, but If I choose to run parrot/kali as my main OS, can I write my reports on them? I've used them in the past as main OS but never written a report. Also thanks for always taking the time to view/answer comments!
Hello. Thank you for the video. If you get the Platinum subscription for two months, you'll have cubes left over. I think it's 920 left over after they refund some. What do you recommend using them on after this cert?
Thank you for the detailed guide! So in this case it would make more sense to do the CBBH instead of the CPTS due to more modules being included in the CBBH, correct? Or are there other modules inside the CPTS which are not included in the CBBH? If so i need to check out your video on that :D
Thank you for the video. I have done a bit of programming long time back but can't remember much now. Do i need to know programming for this exam? If yes, to what extent and what lanaguages
@@bmdyy I guess that the 60 points part of OSCP for example, remains to be almost the same. As for OSCE and the others I don't really know as I'm not into them yet :)
would you say this was easier or harder than BSCP? and which one would you do first? it seems to me that logistics wise this one is way easier (no need to get 100%, personalized feedback, longer period-- 7 days instead of 4 hours).
In my opinion, BSCP was easier by far. It does cover some attacks that CBBH does not though. The amount of stuff you need to check in CBBH is just more
I'm wondering how the scoring works for exam, so it says the passing score is 85, but a report is also required. Can you get the 85 points and still fail based on the report?
I would say the main difference is that OSWE is white-box and CBBH is black-box. Apart from that, OSWE focuses heavily on (Python) exploit development.
Great vid brother. That's my goal in the next 2-3 months. Since I will be doing mostly 2-3 hours /daily, nothing more, since I'm a bit limited in time. and I also want to take twice as much time to learn everything thoroughly.
Just what I was looking for, seems worth taking at that price point and course content.
Thanks for going in depth, answered everything one would need to know.
Would love to see a video start to finish about your methodology for attacking web applications.
Thank you for the review; it was detailed and concise. I'm looking forward to taking the CBBH soon.
Great tips , I used Notion to take notes about commands or screenshots .
Damnnn brooo!!! That's a wall of death behind you man! Kudos!
thanks for the vids, actually what we are looking for atm at my workplace.. i forwarded it to my colleagues who are responsible for that 👍🏻
About the flag system, is it figurativly or actually .Will I actually find a string that I would submit and get the points? Or when i get to the admin or rce then this is considered a flag ?
Another thing is Previelege Escalation, typically in htb machine you find a vuln in the website that leads to low level shell (rce ) then you use privilege escalation techniques like using linpeas to achieve root privileges . Is this the case in the cbbh exam so I can go and practice on the Priv Esc techniques ?
Probably a dumb question, but If I choose to run parrot/kali as my main OS, can I write my reports on them? I've used them in the past as main OS but never written a report. Also thanks for always taking the time to view/answer comments!
I used Kali as my host OS during the exam just fine. Wrote the report in Libreoffice
@@bmdyy Thanks a lot! :)
Hello. Thank you for the video. If you get the Platinum subscription for two months, you'll have cubes left over. I think it's 920 left over after they refund some. What do you recommend using them on after this cert?
Thank you for the detailed guide! So in this case it would make more sense to do the CBBH instead of the CPTS due to more modules being included in the CBBH, correct? Or are there other modules inside the CPTS which are not included in the CBBH? If so i need to check out your video on that :D
Great review, thanks.
Geat video man! Just a question, the content of the course is good enough to start doing bug bounty?
Congrats! I want that cert in the future
Useful, thanks :)
Thank you for the video. I have done a bit of programming long time back but can't remember much now. Do i need to know programming for this exam? If yes, to what extent and what lanaguages
Thank you so much for this.
Could you do a video on AV evasion???
Please start a hacking bootcamp/tutorials on your channel.
Hello, will you do this kind of video for the OSCP, OSCE, in general offsec certs?
Possibly, although it's been longer since I've done those certs (~1-2 years) so my information could be outdated
@@bmdyy I guess that the 60 points part of OSCP for example, remains to be almost the same.
As for OSCE and the others I don't really know as I'm not into them yet :)
Does it have that sense of ctf style that most of htb boxes have? Or is it more realistic? Is it compare with real world bug bounty?
The exam didn't feel too "ctf-y" in my opinion, and the techniques learned here can certainly be applied to real world bug bounty
@@bmdyy Great thanks!
Thanks bro!
Completing the CBBH Path good enough to pass the exam or would you recommend studying extra in other areas?
Do the modules have videos or do we have to read through everything?
hey i just joined a red team firm i wanted to get a stronger grip on web apps and improve my knowledge will this course modules help me ?
I ended up getting the student sub. Should I do this first before the CPTS?
I don't think the order you do them in matters all too much. I took CBBH first because it came out first.
Cpts vs pnpt what is the best?
Does the training give you all the Knowledge needed to pass?
would you say this was easier or harder than BSCP? and which one would you do first? it seems to me that logistics wise this one is way easier (no need to get 100%, personalized feedback, longer period-- 7 days instead of 4 hours).
In my opinion, BSCP was easier by far. It does cover some attacks that CBBH does not though. The amount of stuff you need to check in CBBH is just more
@@bmdyywhat about ewptxv2? Easier or harder than cbbh? Thank you!
I'm wondering how the scoring works for exam, so it says the passing score is 85, but a report is also required. Can you get the 85 points and still fail based on the report?
Theoretically yes, but I think it would have to be a pretty bad report to fail like that
Does anyone know if the modules are still accessible months after successfully completing them?
full completed modules will always be accessible
Would you say this is a good exam to get for AppSec engineers?
It certainly wouldn't hurt, it is a course focused on attacking though
Will your nosql module be added to the cbbh?
It won't be added to the CBBH
This sounds similar to the OSWE. Would CBBH be a comparable certification or not really?
I would say the main difference is that OSWE is white-box and CBBH is black-box. Apart from that, OSWE focuses heavily on (Python) exploit development.
@@bmdyy Maybe more similar to the OSWA (WEB-200)?
Would CBBH or CPTS be too difficult for a beginner to pass in 3-4 months?
yes
bosule esti tare
Why does it say u have unlimited cubits on hackthebox?
he has authored a coupled of modules on hackthebox academy. they probably just gave him unlimited.