TIPS

Those are tips for preparing for the CPTS exam from Hack The Box (HTB), which I estimate to be at a difficulty level between OSCP and OSEP, but with more guidance. Those tips are also valid for CBBH, CDSA and CWEE, but more specific tips will come on time.

Master Port Forwarding and Pivoting

• Be proficient in navigating networks by establishing connections to and from other machines.

• Understand how to bypass outbound and inbound firewalls and access isolated networks, especially with chained and linked hosts.

Manage Multiple Sessions

• Get comfortable with handling multiple sessions simultaneously (e.g., one low-privileged user and one system-level session per machine).

• Practice switching contexts (whether it is Meterpreter, Sliver...)

Implement Persistence Mechanisms

• Establish persistence from both the victim to your Kali machine (e.g., via services or startup items) and from your Kali machine to the victim (e.g., using SSH keys, RDP, or local administrator access).

• Ensure your sessions stay stable, particularly if your VPN connection drops.

Maintain Payloads and Notes

• Keep a record of the payloads and notes that worked for giving you access

• Test your payloads (Mimikatz, Rubeus, PowerView...) in advance; do not discover the features of Meterpreter or pivoting techniques on the exam day.

• Create a personal cheatsheet for quick reference.

• Be cautious as some payloads found online may not work for plenty of possibilities. Ensure you have a local copy that worked correctly during your labs

Exam Requirements

• You must capture 12 out of 14 flags to pass the exam, so when you have them, make sure you have all proofs before going deeper

• The report is very long... up to two days to complete, make sure you have free time to do it!