John's skillset is both broad and deep. There is nothing to be afraid of regarding the exam. It simulates real-world situations and some critical thinking is, of course, required. Just don't try it while moving places/driving across the country, like John did etc. 😋
I failed my first attempt with 20 points. Passed second with 100 points. I made the same mistake of taking time for granted and thinking it was going to be a walk in the park in my first attempt. The second attempt I pretty much took a week off of work and dedicated the entire time to the exam. And even then I submitted the report with 4 hours to spare. The exam is hard. The report is EXTRA hard. But at the end of the day it’s been the best exam I’ve ever taken. I truly felt accomplished passing the CPTS.
@@peternavarroiii3944 Yeah if you don’t have kids it might be doable. After work if you dedicate about 6 hours to the exam every day. Or if you’re like bmdyy and are already an expert in the field you might not need to take time off. But I’m a SysAd, so it was a bit harder for me. You could attempt the exam on a Friday. That way you have 4 full days (Saturday and Sunday) of test time
@@rodnet2703 Oh I see, yea I'm an IT systems analyst so this be pretty difficult for me as well. Now that you mention it I am expecting my first newborn in the next two months lol so maybe I should take the course but hold off on the exam for a few months and just study and wait when it's the right time.
@@peternavarroiii3944 Newborns are really hard. It’s time consuming work. You won’t have a lot of sleep for the first 6 months. Maybe more. I’m not sure I would recommend the exam during that time. The exam is really stressful. You could be stuck for days in the exam trying to figure out the next step. It’s not like OSCP where if you’re stuck you can rotate to another machine. In CPTS if you’re stuck you figure it out or fail.
10:57 Of course their certificates never expire. For two reasons: 1. The training paths are continuously assessing attitudes. 2. The knowledge foundation is solid. Man, I absolutely LOVE things well made! 🤓🥰
You've taught me more about pentesting and programming in a short amount of time than I've learned ever before, mainly just by making it interesting. So, regardless of the experience you have, the way you present your content makes it enjoyable to learn things that otherwise can be hard to focus on.
Took me 2 attempts before I passed on my third. It was a great experience and really enjoyed how the exam was set up. Having taken OSCP previously and passed that exam, I felt personally this was a step up in both contents and in the report writing elements. Would love to see more exams of this calibre.
@@NahImPro haha I mean the oscp is 24 hours and this is 10 days so that makes sense. It'd be wild if this was easier AND they gave you 10x the time to do it
@@thehundaltech OSCP feels tough because of the added time pressure (24 hours), in my experience. It's also a different exam experience, the exam machines are all independent with the exception of the AD set. With CPTS, it does simulate a real-world network and does a really good job of testing you on the course modules. I think the 10 days is a good time period for this, emulates what you would expect in a real-world pen test (I'm not a pen tester - so correct me if I'm wrong!), and gives you downtime to recharge your brain and plan your next move. I follow John and Ippsec and from their channels, I've learnt a lot from them and this is what pushed me towards this exam, and no one should be disheartened from attempting it. Outside circumstances can factor in (my 2nd attempt was foolishly taken over Christmas week) but the hard work will pay off.
Thanks John for the great review, and for the great video as always 😄 I would add that it is important to remember that even though the exam is very challenging, the path absolutely prepares you for it and is the only resource needed to pass the exam. Many also don't know about the "Information Security Foundations" path, which contains 12 introductory modules completely free of charge. This path is meant for absolute beginners in the InfoSec field, such that anyone can start pursuing CPTS regardless of their current level, and can complete many modules without paying a penny 🔥 Good luck everyone!
Damn, this video got me pumped to do CPTS... and I've already done it 😂 As you said it's a great course + exam but not easy. Then again, anybody familiar with HTB probably doesn't associate it with the word "easy". Hopefully you do the exam again and if so, good luck! 🤞
How much do you need to know about pen testing to attempt the CPTS. I'm pretty much a complete beginner and am just doing the basic HTB boxes. I'm obviously not thinking about it yet, but wonder how good do you need to be to even sort of understand whats going on. Thanks to anyone that replies lol
This is a great review. I'm glad I saw this. I currently just started the academy since its really the cheaper version of the modified OSCP course. So far they've really been hard on on two things and thats documentation and information gathering not only externally but internally as well. It seems as if they want to train students to really have that attention to detail when searching for vulnerabilities inside the network. Its everything you've been saying, its a lot of reading so anyone thinking about doing it - take good notes.
This made me confident. I'm currently a beginner practically but theory wise I'm okay. So after watching John's review about CPTS I'm definitely gonna practice harder to take this medal. Even tho I haven't took this cert yet but still I want to point that whatever the case maybe, whether it's CPTS, OSCP, eCPPT, PNPT or any other cert, they are not just HARD. They just want you to try your best on fundamentals because every advance thing is just basically the mixture of different fundamentals.
Thanks for sharing your experience. Seeing the people we look up to fail occasionally makes us feel much better about our own setbacks. I'm surprised that the first OSCE3 holder doesn't consider themselves a pentester though.
Jk🤣🤣🤣 I have some issue where the most dickish thing to say is the first thing that comes to mind. I do agree with you and have struggled with imposter syndrome for years...but I really am kinda faking it 😂
@@tinoparsons3391 The exam window does not begin until you redeem the exam voucher. So you are free to complete the course at your own pace essentially.
I just got started with the HTB Academy and must say that when it comes to Penetration Testing, I'm still at the beginning. Yet, my goal is to take the exam in one year. I know its gonna be quite a hard road, but I think if you really want it, its possible! Thanks John for another awesome video - I already learned alot from your THM walkthroughs!
I saw an interview with Naham or Chuck or something years ago with John, and I remember thinking that John Hammond needed a bit of upgrading on his youtuber voice.... years later, this dude is killing it
Hey John! Try to give it a try to the CBBH too. It will be amazing to have a review for that one. I guess both HTB certs have an amazing intermediate level. And I hope that the industry will give them the recognition they deserve as some other certs that are out there.
Would have been nice if you compared it to other entry/intermediate level certs in the same space like OSEP/OSCP/eJPT or others. Feels more like an ad read on a podcast personally.
And here I am shitting myself for my CompTIA Security + exam on Friday! Pentesting is where I want to end up, one day..... Thanks for the run through! :)
@@tinoparsons3391 I some how managed to pass.... I used Prof Messer on here, Jason Dion test exams on Udemy and the r/compTIA reddit are all brilliant places to get started :) good luck with your adventure.
I'm currently going through it and streaming my progress. I have taken the cheatsheet and made additions and notes to it for my personal use. But the course is great.
not sure if im glad i watched this or not, i just started the training for CPTS yesterday but knowing you failed when i also know you are way better at hacking than me isnt great for the confidence :p, there are some good sounding tips in there and the main thing is i need to make sure i have absolutely nothing else to do in those 10 days when i get up to trying the exam
I don’t know how he would compare it, but I have heard many say in TH-cam reviews, and on the hackthebox discord that they consider the CPTS significantly harder than the OSCP. I also believe that John would say the same based off of this video. I plan on taking both this year, so I will see first-hand soon
I haven't taken the "new" OSCP that includes Active Directory but I do live with and work with people who have taken the new one -- CPTS is certainly harder than the OSCP that I took in 2018, and I would have a hunch that is still more difficult than the "new" OSCP.
You did great John to make it that far, I know you are going to pass one-day, I want to learn more before I go and take the exam - I at the moment am way under-skilled I am just one of those kids who looks through the school computer for vulnerabilities (So that when I leave the school I can tell them things that they might be able to fix to make them more secure haha.) But You did well anyway John - Maybe next time don't move during it haha.
I'm a third of the way through the course and I'm hoping to take the exam by the end of May. I'm working full time as Service Desk Level 2 tech, so there's not much time for studying. From what I've seen so far in the material, it's definitely intermediate level. I went through Try Hack Me's ethical hacking course and it's not even close. This is far more thorough than anything else I've seen. I went through the free version of INE's penetration testing course and it didn't prepare me for that exam at all and I failed it twice. I don't think I'll take it again until I pass Hack the Box' penetration testing exam. I'm sure I'll find it to be much easier once I do take it again. Hack the Box really is the best way in my view to get hands on with learning this material.
Wow, if it's hard for you, with all the certs that you got, including the triple offsec, I can't even imagine what kind of hell this is. I wish so hard to get it some day, I'm trying so hard, but time is my biggest enemy..
Having CPTS to a beginner is such a blessing! People have to understand just how amazing opportunity this is for newcommers to learn and get certified in a non-predatory (offensive...*cough*) way
Well, I'm hooked! Complete noob so gonna have to study a lot of basic stuff before I try this out, but super motivated! Do HTB offer any similar certs or was this the first?
Why do they say certified Pentester if you’re not certified ? But you received a certificate ? Bc it’s only their certificate right it’s not and industry cert?
I'm 50% through the pentest path on academy and am aiming to do the CPTS within the next month or two. I'm glad you made this cause now I know I need to concentrate a little more on learning proper report writing techniques. Have you done Dante or any other prolabs? How does the CPTS environment compare?
Yes, thats what i've heard from people that have taken both on youtube reviews and the hackthebox discord. CPTS is harder and covers everything from OSCP and more except for the buffer overflow. However buffer overflow is just an optional attack vector on one of the OSCP machines nowadays, and there is a binary exploitation skill path on hackthebox academy although it is not part of the CPTS learning path.
I just did one of the starting point aws boxes and wanted to die so it's good to know that feeling never goes away lmao. I will be working hard towards this cert in the coming years.
Thanks John, appreciate the honesty... Its still outa my reach to do this at the monent.. I need to work more thru HTB alot before I even delve into thinking abotu the exam.
@@cyberneurovirus2500 Completely different? Maybe I'm missing something, but both PNPT and CPTS exams give you multiple days to crack the perimeter and gain an initial foothold, then pivot through multiple machines on the network evading AV and other security mechanisms, and finally compromise the DC and achieve persistence. Both also require you to write a report and do a live debrief where you have to explain your findings. To me it sounds they are pretty comparable. Maybe CPTS covers a bit more, but I'm not sure how much more.
@@RandomlyDrumming when I speak about CPTS being similar or not to PNPT I mean everything. From modules and subjects quality to exam report. I tried both and I can say CPTS is worthy than PNPT if you want to learn more and better. Just my opinion. You can have infinite ways to break in an internal network from external, but it does not mean that one cert is comparable to the other.
I am a total noob, but all my life I have written reports. In my opinion, it’s less about the actual format, and more about the things it must include. The report is the culmination of the pentesting process. Why does a cyber specialist even do this test? Ultimately, it’s for the respective organisation to become aware of their systems’ vulnerabilities and to address them. Therefore, I believe that the report must contain: - The explicit purpose of the test (the *what for*) - The explicit remit of the tester and limits of what is tested (the *what*) - The method(s) of testing (the *how*) - The findings (what are the *vulnerabilities* and what are the *foreseeable consequences of leaving the risks not mitigated* to the maximum possible extent, from economic- financial, legal, and reputation perspectives) - The recommendations for remedial actions. Write the report as you would explain to your former self before learning anything about cyber thingies. Include links to trusted sources (Mitre Att&ck, legislation, publicly available reports of lessons more or less learnt following breaches, models of good practice) to support your analysis and help them learn more (which is both highly preventative and respectful to them). As you can tell, I already know everything (my modesty is proverbial amongst those who know me 🧐) but yeah, ok, any thoughts would be greatly appreciated (seriously).
Can I start this certification as my first pentest certification? I have definitely studied some courses such as security+ and eJPT but didn’t take any exam yet. Now I am studying hack the box pentesting path but now you made me rethink about it.
Hi @fahdalawsi2172, I'm starting right now, I'm very interested in knowing how it went, I don't have experience in pentesting either but I really want to achieve it
Hi, I'm asking for advice here. I'm following this course in hope to move from appsec Engineer to junior pentester. Do you think this course is appropriate ? And why? I'd love feedback from experienced pentester who have done this cert and know what is required for a junior pentester (in Europe).
Super interesting. This seems like a serious step up from OSCP. I'm pretty much halfway through the modules and it's a big brick to go through, text-wise
Effective angle they took eluding to the intensity of the exam through public figures; I'm compelled to do this and my career has nothing to do with cyber security.
John's skillset is both broad and deep. There is nothing to be afraid of regarding the exam. It simulates real-world situations and some critical thinking is, of course, required. Just don't try it while moving places/driving across the country, like John did etc. 😋
I failed my first attempt with 20 points. Passed second with 100 points.
I made the same mistake of taking time for granted and thinking it was going to be a walk in the park in my first attempt.
The second attempt I pretty much took a week off of work and dedicated the entire time to the exam. And even then I submitted the report with 4 hours to spare.
The exam is hard. The report is EXTRA hard. But at the end of the day it’s been the best exam I’ve ever taken. I truly felt accomplished passing the CPTS.
Could this be done not having to take any time off of work? I'm sure that's why they are giving 10 days.
@@peternavarroiii3944 Yeah if you don’t have kids it might be doable. After work if you dedicate about 6 hours to the exam every day. Or if you’re like bmdyy and are already an expert in the field you might not need to take time off. But I’m a SysAd, so it was a bit harder for me.
You could attempt the exam on a Friday. That way you have 4 full days (Saturday and Sunday) of test time
@@rodnet2703 Oh I see, yea I'm an IT systems analyst so this be pretty difficult for me as well. Now that you mention it I am expecting my first newborn in the next two months lol so maybe I should take the course but hold off on the exam for a few months and just study and wait when it's the right time.
@@peternavarroiii3944 Newborns are really hard. It’s time consuming work. You won’t have a lot of sleep for the first 6 months. Maybe more. I’m not sure I would recommend the exam during that time.
The exam is really stressful. You could be stuck for days in the exam trying to figure out the next step. It’s not like OSCP where if you’re stuck you can rotate to another machine. In CPTS if you’re stuck you figure it out or fail.
@@rodnet2703 thanks for the advice. This is my first newborn so I don’t know what to expect.
10:57 Of course their certificates never expire. For two reasons:
1. The training paths are continuously assessing attitudes.
2. The knowledge foundation is solid.
Man, I absolutely LOVE things well made! 🤓🥰
You've taught me more about pentesting and programming in a short amount of time than I've learned ever before, mainly just by making it interesting. So, regardless of the experience you have, the way you present your content makes it enjoyable to learn things that otherwise can be hard to focus on.
I appreciate so much the honestity on stating that this is a promotional video. And I'm happy you are back on youtube, doing what we love to see :)
Took me 2 attempts before I passed on my third. It was a great experience and really enjoyed how the exam was set up. Having taken OSCP previously and passed that exam, I felt personally this was a step up in both contents and in the report writing elements. Would love to see more exams of this calibre.
Is it even tougher than OSCP?
Wow this is wild a step up from OSCP?
@@NahImPro haha I mean the oscp is 24 hours and this is 10 days so that makes sense. It'd be wild if this was easier AND they gave you 10x the time to do it
@@thehundaltech OSCP feels tough because of the added time pressure (24 hours), in my experience. It's also a different exam experience, the exam machines are all independent with the exception of the AD set.
With CPTS, it does simulate a real-world network and does a really good job of testing you on the course modules. I think the 10 days is a good time period for this, emulates what you would expect in a real-world pen test (I'm not a pen tester - so correct me if I'm wrong!), and gives you downtime to recharge your brain and plan your next move.
I follow John and Ippsec and from their channels, I've learnt a lot from them and this is what pushed me towards this exam, and no one should be disheartened from attempting it. Outside circumstances can factor in (my 2nd attempt was foolishly taken over Christmas week) but the hard work will pay off.
Thanks John for the great review, and for the great video as always 😄
I would add that it is important to remember that even though the exam is very challenging, the path absolutely prepares you for it and is the only resource needed to pass the exam.
Many also don't know about the "Information Security Foundations" path, which contains 12 introductory modules completely free of charge.
This path is meant for absolute beginners in the InfoSec field, such that anyone can start pursuing CPTS regardless of their current level, and can complete many modules without paying a penny 🔥
Good luck everyone!
thank you I didnt know about the free version 🙂
Damn, this video got me pumped to do CPTS... and I've already done it 😂
As you said it's a great course + exam but not easy. Then again, anybody familiar with HTB probably doesn't associate it with the word "easy".
Hopefully you do the exam again and if so, good luck! 🤞
I can 100% relate, easy in HTB does not mean easy (required to be seasoned as a beginner)
How much do you need to know about pen testing to attempt the CPTS. I'm pretty much a complete beginner and am just doing the basic HTB boxes. I'm obviously not thinking about it yet, but wonder how good do you need to be to even sort of understand whats going on. Thanks to anyone that replies lol
@@scoopethey bro. How is your HTB journey going?
This is a great review. I'm glad I saw this. I currently just started the academy since its really the cheaper version of the modified OSCP course. So far they've really been hard on on two things and thats documentation and information gathering not only externally but internally as well. It seems as if they want to train students to really have that attention to detail when searching for vulnerabilities inside the network. Its everything you've been saying, its a lot of reading so anyone thinking about doing it - take good notes.
This made me confident. I'm currently a beginner practically but theory wise I'm okay. So after watching John's review about CPTS I'm definitely gonna practice harder to take this medal.
Even tho I haven't took this cert yet but still I want to point that whatever the case maybe, whether it's CPTS, OSCP, eCPPT, PNPT or any other cert, they are not just HARD. They just want you to try your best on fundamentals because every advance thing is just basically the mixture of different fundamentals.
Thanks for sharing your experience. Seeing the people we look up to fail occasionally makes us feel much better about our own setbacks. I'm surprised that the first OSCE3 holder doesn't consider themselves a pentester though.
Wait, John's the first OSCE3 holder? How do you know that?
@@AUBCodeII was here to ask the same question?
That's a hell of achievement if it's true
Pick better people to look up too
Jk🤣🤣🤣 I have some issue where the most dickish thing to say is the first thing that comes to mind. I do agree with you and have struggled with imposter syndrome for years...but I really am kinda faking it 😂
@@AUBCodeII he has a video where he got an email from the CEO of offensive security stating that he was the first
I’m about 15% done with the CPTS course content and this motivates me to keep going! Not looking forward to the report writing at all though lol
From the time you buy the course did they force an exam date on you or was it for whenever you done with all the material?
@@tinoparsons3391 The exam window does not begin until you redeem the exam voucher. So you are free to complete the course at your own pace essentially.
@@tinoparsons3391 there is no time limit to take the exam. you can learn as long as you want :)
Hope you got it
Lots of respect for you man! Keep it up!
I just got started with the HTB Academy and must say that when it comes to Penetration Testing, I'm still at the beginning. Yet, my goal is to take the exam in one year. I know its gonna be quite a hard road, but I think if you really want it, its possible!
Thanks John for another awesome video - I already learned alot from your THM walkthroughs!
Can I add you on HTB? ( if yes my name is already on my profile)
Did you take the exam?
Omg I’m going through the material now, about 1/3 through, and now I’m both motivated and nervous. Let’s gooo
hows u doin now?
How was your exam?
I know I’m no where near ready but you have me so excited 🙌🏾
As a beginner, I hope to one day watch this video and understand more than 10% of the words you said.
I was literally you 3 years ago.
@@romanxyz7248how are you now
@@0xhhhhff Sorry for late reply. I am currently a CRTO and eJPT v.1 holder. I am also currently studying everyday to improve me more and more.
@@romanxyz7248 epic. Got any CVEs? Or jobs? Where do you fall on the job market
The fact that you can estimate that you don’t know 90% of the information is an invaluable skill.
Hey, you are still leaps and bounds better than me and who knows whom else. So major props!
I saw an interview with Naham or Chuck or something years ago with John, and I remember thinking that John Hammond needed a bit of upgrading on his youtuber voice.... years later, this dude is killing it
When People Click Enter EXAM in CPTS
I love this comment
Hey John! Try to give it a try to the CBBH too. It will be amazing to have a review for that one. I guess both HTB certs have an amazing intermediate level. And I hope that the industry will give them the recognition they deserve as some other certs that are out there.
John! You were the chosen one!!! I failed the CBBH. I'm going to take it over. Good video!!!!
INTENSE! Never seen John this flustered.
Thanks for sharing your open and honest experience
Yes, you inspired me and gave a good ideas for my future path of learning... :) Thanks a lot, have a great day!
Excellent, positive attitude! I envy you the adventure upon which you’ve embarked! Continued success!
Can you please make a comparison video between it and the OSCP?
Would have been nice if you compared it to other entry/intermediate level certs in the same space like OSEP/OSCP/eJPT or others. Feels more like an ad read on a podcast personally.
Cryptocat did a pretty good review on this exam if you'd like to check it out. He compares it to other exams and goes into a bit more detail
@@moezrr8046 Thanks! I will check that out.
HTB always will be the medecine of our ego as hackers.
And here I am shitting myself for my CompTIA Security + exam on Friday! Pentesting is where I want to end up, one day..... Thanks for the run through! :)
I wanna take the security + too do you have any online sources to study from ?
@@tinoparsons3391 I some how managed to pass.... I used Prof Messer on here, Jason Dion test exams on Udemy and the r/compTIA reddit are all brilliant places to get started :) good luck with your adventure.
it feels illegal to be this early, you make great content btw
Friggin' AWESOME review!
I'm currently going through it and streaming my progress. I have taken the cheatsheet and made additions and notes to it for my personal use. But the course is great.
Can I get your contact?
@@syntaxastral you can reach me through dms
@@jolt06 you have discord?
@@syntaxastral I don't
Every now and then I go to listen to other channels but maaan they don’t explain shit like u do
So thanks!! 🖖🏾
I like the honesty!!
not sure if im glad i watched this or not, i just started the training for CPTS yesterday but knowing you failed when i also know you are way better at hacking than me isnt great for the confidence :p, there are some good sounding tips in there and the main thing is i need to make sure i have absolutely nothing else to do in those 10 days when i get up to trying the exam
Keep the faith 🦾
Its next on my exam list...Got my CCNA first tho.. just gives the cert more credibility I think retake next john?
Thanks for the honest review appreciate your great content \o/
Mission failed, we'll get em next time
You can do it . Go for it again with more preparation
How would you compare this to the OSCP?
I don’t know how he would compare it, but I have heard many say in TH-cam reviews, and on the hackthebox discord that they consider the CPTS significantly harder than the OSCP. I also believe that John would say the same based off of this video. I plan on taking both this year, so I will see first-hand soon
I haven't taken the "new" OSCP that includes Active Directory but I do live with and work with people who have taken the new one -- CPTS is certainly harder than the OSCP that I took in 2018, and I would have a hunch that is still more difficult than the "new" OSCP.
You did great John to make it that far, I know you are going to pass one-day, I want to learn more before I go and take the exam - I at the moment am way under-skilled I am just one of those kids who looks through the school computer for vulnerabilities (So that when I leave the school I can tell them things that they might be able to fix to make them more secure haha.)
But You did well anyway John - Maybe next time don't move during it haha.
This sounds pretty cool. How does one practice on writing up a report if you have never done one before?
I'm a third of the way through the course and I'm hoping to take the exam by the end of May. I'm working full time as Service Desk Level 2 tech, so there's not much time for studying. From what I've seen so far in the material, it's definitely intermediate level. I went through Try Hack Me's ethical hacking course and it's not even close. This is far more thorough than anything else I've seen. I went through the free version of INE's penetration testing course and it didn't prepare me for that exam at all and I failed it twice. I don't think I'll take it again until I pass Hack the Box' penetration testing exam. I'm sure I'll find it to be much easier once I do take it again. Hack the Box really is the best way in my view to get hands on with learning this material.
Wow, if it's hard for you, with all the certs that you got, including the triple offsec, I can't even imagine what kind of hell this is.
I wish so hard to get it some day, I'm trying so hard, but time is my biggest enemy..
Having CPTS to a beginner is such a blessing! People have to understand just how amazing opportunity this is for newcommers to learn and get certified in a non-predatory (offensive...*cough*) way
Well, I'm hooked! Complete noob so gonna have to study a lot of basic stuff before I try this out, but super motivated! Do HTB offer any similar certs or was this the first?
It's time to go for the CPTS 🎉
Why do they say certified Pentester if you’re not certified ? But you received a certificate ? Bc it’s only their certificate right it’s not and industry cert?
I'm 50% through the pentest path on academy and am aiming to do the CPTS within the next month or two. I'm glad you made this cause now I know I need to concentrate a little more on learning proper report writing techniques.
Have you done Dante or any other prolabs? How does the CPTS environment compare?
Waaaaay ahead of where I currently am but sounds like something to aim for!
Awesome Video !!!
Alright, Time to try this exam, so I can make a click-bait video called "I'm a better hacker than John Hammond" :P
Is it even tougher than OSCP?
from what i've heard, yes.
In my opinion, yes
Please do review of the defence one from htb
Thank you!!
sounds like the OSEP for 10 days?
Let's get a full retry review when ur not driving X country lol . Kudos for stepping to the plate under the conditions you chose tho!! 👊👊
Would anyone say that passing the CPTS means passing the OSCP too?
Yes, thats what i've heard from people that have taken both on youtube reviews and the hackthebox discord. CPTS is harder and covers everything from OSCP and more except for the buffer overflow. However buffer overflow is just an optional attack vector on one of the OSCP machines nowadays, and there is a binary exploitation skill path on hackthebox academy although it is not part of the CPTS learning path.
I just did one of the starting point aws boxes and wanted to die so it's good to know that feeling never goes away lmao. I will be working hard towards this cert in the coming years.
What was the most hardest Certification?
Thanks for video. Do you recommend to do a prolabs like Dante before exam ?
Yes
After passing, what salary expectations and title equivalent?
When the sage tells you to "sit your a$$ down" to write the exam, you do just that
Thanks John, appreciate the honesty... Its still outa my reach to do this at the monent.. I need to work more thru HTB alot before I even delve into thinking abotu the exam.
Can I add you on HTB? ( if yes my name is already on my profile)
How well does the course prepare you for the actual test.
Hi John, I was wondering what is your opinion in regards to how comparable in terms of difficulty CPTS is to PNPT, since they are very similar?
They are completely different. PNPT is not bad but is not comparable. TCM Security is not HackTheBox, regardless of who it may concern.
@@cyberneurovirus2500 Completely different? Maybe I'm missing something, but both PNPT and CPTS exams give you multiple days to crack the perimeter and gain an initial foothold, then pivot through multiple machines on the network evading AV and other security mechanisms, and finally compromise the DC and achieve persistence. Both also require you to write a report and do a live debrief where you have to explain your findings. To me it sounds they are pretty comparable. Maybe CPTS covers a bit more, but I'm not sure how much more.
@@RandomlyDrumming when I speak about CPTS being similar or not to PNPT I mean everything. From modules and subjects quality to exam report. I tried both and I can say CPTS is worthy than PNPT if you want to learn more and better. Just my opinion. You can have infinite ways to break in an internal network from external, but it does not mean that one cert is comparable to the other.
Needless to say the size of the CPTS lab and the PNPT one
@@cyberneurovirus2500 OK, I understand now what you mean. Thanks.🍺
you are the best keep going
@_JohnHammond if you would have to compare it with let's say OSCP? Is the content similar? Does it have same 'credibility'? etc.
I also failed 💀
hey there, when did you take the exam?
❤️🦾
New goal!!!!
Is there a place to be able to freely read a professional report ?
Ask to a professional for an example
@@PenTest3r I wish...
But I don't know the place or the people..
So...
Back to the main question..
I am a total noob, but all my life I have written reports. In my opinion, it’s less about the actual format, and more about the things it must include.
The report is the culmination of the pentesting process. Why does a cyber specialist even do this test? Ultimately, it’s for the respective organisation to become aware of their systems’ vulnerabilities and to address them.
Therefore, I believe that the report must contain:
- The explicit purpose of the test (the *what for*)
- The explicit remit of the tester and limits of what is tested (the *what*)
- The method(s) of testing (the *how*)
- The findings (what are the *vulnerabilities* and what are the *foreseeable consequences of leaving the risks not mitigated* to the maximum possible extent, from economic- financial, legal, and reputation perspectives)
- The recommendations for remedial actions.
Write the report as you would explain to your former self before learning anything about cyber thingies.
Include links to trusted sources (Mitre Att&ck, legislation, publicly available reports of lessons more or less learnt following breaches, models of good practice) to support your analysis and help them learn more (which is both highly preventative and respectful to them).
As you can tell, I already know everything (my modesty is proverbial amongst those who know me 🧐) but yeah, ok, any thoughts would be greatly appreciated (seriously).
Can I start this certification as my first pentest certification?
I have definitely studied some courses such as security+ and eJPT but didn’t take any exam yet.
Now I am studying hack the box pentesting path but now you made me rethink about it.
Hi @fahdalawsi2172, I'm starting right now, I'm very interested in knowing how it went, I don't have experience in pentesting either but I really want to achieve it
Hi, I'm asking for advice here.
I'm following this course in hope to move from appsec Engineer to junior pentester.
Do you think this course is appropriate ? And why?
I'd love feedback from experienced pentester who have done this cert and know what is required for a junior pentester (in Europe).
Nice hoodie!
Great I was considering this and this is frankly worrisome 😐... @John Hammond failed?!
I failed, before knowing the full story. I was in utter shock.
Super interesting. This seems like a serious step up from OSCP. I'm pretty much halfway through the modules and it's a big brick to go through, text-wise
How much does the exam cost?
Price is on HTB
Price is on HTB
Jey, Lets Crack the hack.
This cert need to be rated higher on the certification table…
Next time you take it go through the entire Penetration Tester job role path first. The skills developed in those modules are important.
HTB pentester path in academy is not 40 hours of content. It takes 40 full time days to complete it. Not hours.
Depends on how much you already know honestly it's different for everyone
@@whitenoiseopera5749 on the htb academy website it says 40+ days
Okay if you failed then it must be a really good class.
which is the best resource to study penetration testing
HTB / TryHackMe
👏 Try harder 🏴☠️ John 🏴☠️
Can a newbie start with HTB ?
Just do it,you will learn everything
is this a course commercial???
On HTB
soory why parrot os don't have crackmapexec?
Effective angle they took eluding to the intensity of the exam through public figures; I'm compelled to do this and my career has nothing to do with cyber security.
You're leaving Maryland? I hope not for California.
No way!!
if john failed the exam then theres no hope for us
fax
You got 30%, how can I attend even knowing you failed : (
How can you review a product that's paying to sponsor your video? That's a huge conflict of interest.
dolla dolla bills yall
Bro doesn't have any patience. 😂
This exam is extremely appealing. I wonder if I could stream my whole learning process and exam taking live.
The only box I've been able to hack so far is my wife's, and now we have a baby. 😂
This is sick
Bro even he didn't passed how I would even vision to pass it😅😅