Tony's Cybersecurity Blog

Hack The Box Certified Bug Bounty Hunter (HTB CBBH)

Posted on Aug 22, 2023

Certified Bug Bounty Hunter by Hack The Box

​I am a HTB CBBH!

Review: Hack The Box Certified Bug Bounty Hunter (CBBH) Certification

The CBBH certification is a challenging yet rewarding experience. It offers significant value for those looking to enhance their skills in application security. I would highly recommend both the training and the exam for those serious about advancing in this area.

The Training

The training for the CBBH certification was exceptional in many aspects. The content provided a deep understanding of application security and gave me a significant advantage in identifying vulnerabilities. However, not all modules were equally relevant—some felt confusing or disconnected from the core objectives of the exam. Thankfully, these instances were rare, and the overall quality of the training was excellent.

The Exam

The CBBH exam is no walk in the park. Many members of the HTB Discord community have compared its difficulty to the OSWE, with some even suggesting that the OSWA pales in comparison. This exam demands critical thinking, persistence, and a trained eye for vulnerabilities.

While the HTB community generally agrees that the training alone is sufficient to prepare for the exam, I believe success requires more than just completing the coursework. It takes experience and a nuanced understanding to identify and exploit certain vulnerabilities effectively.

Overall

The CBBH certification is not without its challenges. There were moments of frustration during the exam, which mostly stemmed from my own lack of understanding at the time. I failed on my first attempt, which was a humbling experience.

However, that failure became an opportunity for growth. I revisited my strategy, studied the feedback I received, and allowed myself time to step back and reset. After a week of focused preparation, I took advantage of the free retake and managed to pass within the first 12 hours of the exam retake.

This certification pushed me to think critically, adapt under pressure, and strengthen my skills in application security. While it’s not an easy path, it’s a highly rewarding one, and I would recommend the CBBH to anyone looking to elevate their expertise in bug bounty hunting and web application penetration testing.