8 min read

Launching HTB CPTS: Certified Penetration Testing Specialist by Hack The Box

HTB Certified Penetration Testing Specialist certification holders will possess technical competency in the penetration testing domain.

Dimitris avatar

Sep 15

Back in 2017, when Hack The Box was newly created as a community project, our mission was focused on offering a great environment for aspiring penetration testers looking for highly practical training content. Over the years, Hack The Box evolved and improved in all aspects: we have been diversifying our content to involve all individuals interested in learning cybersecurity, and we have created a space called HTB Academy where even learners with no previous experience in the industry can quickly get familiar with the fundamentals and upskill. 

Today, we are thrilled to announce what most of our community members have been waiting for a long time (and yes, we got tons of “when” about it). We are now ready to release our official HTB Academy penetration testing certification

"What is considered standard knowledge for penetration testers is not dictated and influenced by any IT security training vendor. It is dictated and influenced by the current threat landscape. Hack The Box addresses the need for a highly-practical and threat landscape-connected curriculum via the Penetration Tester job-role path and the HTB Certified Penetration Testing Specialist certification.”


Dimitrios Bougioukas - Training Director @ Hack The Box

Hack The Box Academy - Certified Penetration Testing Specialist

More about HTB CPTS

The current threat landscape and the level of sophistication of modern attacks dictated the creation of a new-generation pentesting certification targeted towards aspiring penetration testers that covers web, internal, external, and Active Directory attacks via a highly-practical curriculum that provides actionable knowledge.

The HTB Certified Penetration Testing Specialist (aka HTB CPTS) is a highly hands-on certification that assesses the candidates’ penetration testing skills. HTB Certified Penetration Testing Specialist certification holders will possess technical competency in the ethical hacking and penetration testing domains at an intermediate level. They will be able to spot security issues and identify avenues of exploitation that may not be immediately apparent from searching for CVEs or known exploit PoCs.

We aim to create outstanding penetration testing professionals that are not just skilled but are also able to assess the risk to which the infrastructure is exposed and compose a commercial-grade and actionable report. Of course, it is not dedicated to aspiring penetration testers only: the learning journey is highly recommended for Security Analysts, Vulnerability Analysts, Incident Handlers, and anyone with a cybersecurity-related duty.

Students will be able to access the Certified Penetration Testing Specialist exam upon the completion of the Penetration Tester job-role path on HTB Academy, which covers core security assessment concepts and provides a deep understanding of the specialized tools, attack tactics, and methodology used during penetration testing. 

Developed by worldwide subject matter experts, the job role path consists of 28 different modules in scalable difficulty and logical order to enable a great learning experience: each module is accompanied by practical lab exercises and skills assessment exercises. By the end of the path, students will have the opportunity to conduct nine simulated (yet realistic) penetration tests and attack 270+ targets.


  • Penetration Testing Process

  • Getting Started

Enumeration & Attack Planning

  • Network Enumeration with Nmap

  • Footprinting

  • Information Gathering - Web Edition

  • Vulnerability Assessment

  • File Transfers

  • Shells & Payloads

  • Using Metasploit Framework


  • Password Attacks

  • Attacking Common Services

  • Pivoting, Tunneling, and Port Forwarding

  • Active Directory Enumeration & Attacks

Web Exploitation

  • Using Web Proxies

  • Attacking Web Applications with Ffuf

  • Login Brute Forcing

  • SQL Injection Fundamentals

  • SQLMap Essentials

  • Cross-Site Scripting (XSS)

  • File Inclusion

  • File Upload Attacks

  • Web Attacks

  • Attacking Common Applications


  • Linux Privilege Escalation

  • Windows Privilege Escalation

  • Reporting & Capstone

  • Documentation & Reporting

  • Attacking Enterprise Networks

"When I was working as a professional penetration tester, I often found myself on assessments where the prior year assessor had few to no findings, but I would end up with 5, 10, 15, or more high-impact ones. I think because my natural curiosity and desire to figure out how things work usually brought me far deeper than looking for common CVEs and network and Active Directory attacks. When I had the chance to help create HTB Academy, I wanted to bring this mentality to each of our modules, teaching people the how and why wherever possible so they could start developing their own risk-based methodology. Fast forward to today and our Penetration Tester job-role path has 28 excellent modules that can help juniors dive into the industry or experienced folks to hone their craft."


Ben Rollin, aka mrb3n - Head of Training Development @ Hack The Box

The Penetration Tester path is designed to take you from a beginner level all the way to an intermediate level in ethical hacking and penetration testing via a guided, content-rich, and highly practical curriculum.

Become a Certified Penetration Tester with HTB Academy - CPTS

The Exam

But what are the necessary skills to pass the exam successfully? As mentioned above, to be an eligible HTB Certified Penetration Testing Specialist (HTB CPTS) candidate, you must have fully completed the Penetration Tester job-role path first, since its mix of theory and interactive exercises will prepare you for the exam.

Overall the prerequisites for you to successfully complete the exam are:

  • Interpreting a letter of engagement.

  • Intermediate knowledge of web and infrastructure penetration testing concepts.

  • Knowledge of web applications, operating systems, and networking basics.

  • Comfortably profiling and navigating a target network.

  • Conducting manual and automated exploitation of various vulnerability classes.

  • Professionally communicating and reporting vulnerabilities.

How can you take the exam?


1. Buy a voucher

After an Academy user has successfully completed the job-role path, they will be able to become a candidate for the certification. Keep in mind that each exam voucher includes two (2) exam attempts. If you fail your first time, no worries. We will send you detailed feedback and some tips to improve your skills before your second try. 

2. Enter the exam and start the pentest

Once you have completed the Penetration Tester job-role path and you have also obtained an exam voucher, you can start the examination process by clicking "Exams" then "EXAM INFORMATION" and finally "ENTER EXAM."

The lab and report submission deadlines will always be visible on the exam lab page. Reminder emails will be sent to ensure that you deliver everything on time and that your voucher does not expire (1 year).

Upon clicking the "ENTER EXAM" button and accepting the terms and conditions of the exam, a letter of engagement will be provided that will clearly state all engagement details, requirements, and objectives, as well as the scope. A report template will also be provided to you. The exam lab will be accessible for ten (10) days without restrictions.

To ensure that you have fully exploited the included vulnerabilities, you will also be asked to submit several flags on the exam lab’s page.

Each candidate will be provided with a dedicated instance of the exam lab. This means that you can perform your penetration testing activities without interruptions caused by others and reset the lab at any time.

Tip: A good strategy is to keep detailed notes and start drafting your report right away.

3. Upload your report

You must professionally document the identified vulnerabilities and remediation advice based on the provided template report. You will have ten (10) days to upload your report on the exam lab page from the time you enter the exam. We recommend following a note-taking and reporting structure similar to that taught in the Documentation & Reporting module, taking detailed notes and drafting your “attack chain” as you go. 

4. Obtain your results

An HTB Academy instructor will first check if you gathered the minimum amount of points and then evaluate your submitted report meticulously. Should the report meet specific quality requirements, you will be awarded the HTB Certified Penetration Testing Specialist (HTB CPTS) certification. The results will be presented to you within 20 business days.

By the time you successfully pass the exam, you can claim the digital certificate and download it. We are also working on a physical certification package, always following HTB coolness that will be delivered at your doorstep. And the best part? HTB Academy certifications have no expiration date!

HTB CPTS - How to take the exam

You can submit the ID of an HTB Certified Penetration Testing Specialist (HTB CPTS) on the Certificate Validation page to verify its validity. In addition, all successfully certified students will be able to claim the HTB CPTS digital badge on Credly, and it will arrive directly in your email. Accept it and share it on your social media so that third parties can verify your obtained skills!

Become an HTB Certified Penetration Tester!

In the era of more than enough certificates circling the internet and more yet to come, it is more than reasonable to want to choose the one that will provide you with a top-quality experience, prepare you for real-world scenarios, and of course, make you stand out. 

Here’s what makes HTB CPTS different from the typical certifications currently in the market:

  1. Continuous Evaluation - To be eligible to start the examination process, one should have completed all modules of the Penetration Tester Job-Role Path 100% first. Evaluation takes place throughout the journey, not only during the examination!

  2. Hands-On & Real-World Exam Environment - Candidates will be required to perform actual web, external, and internal penetration testing activities against a real-world Active Directory network. HTB certifications are not based on and do not include multiple-choice questions!

  3. Outside-The-Box Thinking & Vulnerability Chaining - Candidates will be required to think outside the box and chain multiple vulnerabilities to achieve the exam's objectives, like in real engagements.

  4. Commercial-Grade Report Requirement - Successfully completing all penetration testing activities is not enough to obtain the HTB CPTS certification. Candidates will also be required to compose a commercial-grade report as part of their evaluation.

  5. Seamless Experience Powered By Pwnbox – The entire exam and certification process can be conducted through the candidates’ browser, from start to finish.

HTB CTPS - the best pentesting certification

Are you ready to become a certified penetration tester?

Happy Hacking,

The HTB Team

Hack The Blog

The latest news and updates, direct from Hack The Box