4 min read

New training pathways for Crest's Certified Web Application Tester exam

The new Hack The Box (HTB) training pathways are a new addition to HTB’s CREST certification-aligned labs that provide study support for CREST’s penetration testing exams.

Ophie avatar

Apr 28

New training pathways aligned with Crest's Certified Web Application Tester exam (CCT APP) are now available on Hack The Box (HTB)  

A few months ago, Hack The Box introduced a full suite of labs and boxes available on the HTB platform, with the view to provide highly hands-on training support to cybersecurity professionals studying CREST penetration testing and Offensive teaming exams.

Committed to continuously providing the cybersecurity community with access to an innovative and interactive approach to skills and competency development, Hack The Box is now introducing new training pathways designed for anyone getting prepared for the CREST Certified Web Application Tester exam (CCT APP)

The training pathways offered by HTB align with CREST certification standards, which highlights HTB's strategic partnership with CREST. The international not-for-profit cybersecurity accreditation and certification body is working with Hack The Box to provide CREST members and the wider community with experiential, fully hands-on training toward CREST certifications, thus improving learning outcomes. 

In the HTB Academy, the new CREST’s CCT APP skill path covers the following CCT APP syllabus areas (IDs): A1, A2, A3, A4, A5, B1, B4, B5, B6, B8, B9, B13, B14, C1, C2, C3, C4, D1, D2, E1, E2, E3, E4, E5, E9, F1, F2, F3, F4, F5, F6, F7, F8, F9, G1, G2, G4, G5, G6, G7, G8, G9, H1, H2, H3, H4, H5, H6, H7, H8, H9, H10, H11, H12, H13, I1, I2, I3, I4, I5, I6, I7, I8, I9, I10, I11, I12, J1, J2, J3. 

Start the path


In the respective track on the HTB Labs, security professionals can master the following syllabus areas (IDs): B4, B11, C3, E4, E5, G2, G4, G7, G8, G9, H3, H4, H5, H6, H7, H8, H9, H10, H11, H12, H13, I1, I2, I3, I4, I5, I6, I7, I8, I9, I10, I11, I12, J1, J2, J3.    


Crest Web App tester

Hack The Box experts have designed a complete set of penetration testing training labs that align with CREST certification standards. These labs are exclusively offered through Hack The Box's gamified and user-friendly platform and are fully aligned with CREST's globally recognized exam framework. The labs provide comprehensive coverage of the syllabus areas for each exam, and training covers every skill level, from entry to advanced.

This partnership means that CREST-accredited member companies get free access to entry-level labs and can access a wider set of labs at a reduced cost. The Hack The Box platform can help individuals better prepare for CREST exams and assess their readiness to pass them.

CREST worked with Hack The Box to map its content against CREST exams and create fully bespoke CREST labs. At the moment, the following pathways are available in the Hack The Box platform:

  • CREST Practitioner Security Analyst (CPSA)

  • CREST Registered Penetration Tester (CRT) 

  • CREST Certified Web Application Tester (CCT APP) 

As part of our long-term partnership, additional pathways will be offered by Hack The Box, including those for CREST Certified Infrastructure Tester (CCT INF) and CREST Certified Simulated Attack Specialist (CCSAS). Stay tuned!


CREST is a not-for-profit accreditation and certification body representing the technical information security industry. CREST provides internationally recognized accreditations for organizations providing technical security services and professional level certifications for individuals providing vulnerability assessment, penetration testing, cyber incident response, threat intelligence, and security operations center (SOC) services.

CREST Member companies undergo regular and stringent assessment, whilst CREST certified individuals undertake rigorous examinations to demonstrate the highest levels of knowledge, skill, and competence. To ensure currency of knowledge in fast changing technical security environments, the certification process is repeated every three years. 

For more information on CREST:

About Hack The Box

Hack The Box is a leading gamified cybersecurity upskilling, certification, and talent assessment platform enabling individuals, businesses, government institutions, and universities to sharpen their offensive and defensive security expertise. Launched in 2017, Hack The Box brings together the largest global cybersecurity community of more than 1.7m platform members and is on a mission to create and connect cyber-ready humans and organizations through highly engaging hacking experiences that cultivate out-of-the-box thinking.

Offering a fully guided and exploratory skills development environment, Hack The Box is the ideal solution for cybersecurity professionals and organizations to continuously enhance their cyber-attack readiness by improving their red, blue, and purple team capabilities. Rapidly growing its international footprint and reach, Hack The Box is headquartered in the UK, with additional offices in Greece and the US.

For more information on Hack The Box:  


Hack The Blog

The latest news and updates, direct from Hack The Box