The Academy role paths come with vouchers for one or more of our Four Certification Exams:
HTB Certified Penetration Testing Specialist (HTB CPTS)
A highly hands-on certification that assesses the candidates’ penetration testing skills. HTB CPTS certification holders will possess technical competency in the ethical hacking and penetration testing domains at an intermediate level. They will also be able to assess the risk at which an infrastructure is exposed and compose a commercial-grade as well as actionable report.
HTB Certified Bug Bounty Hunter(HTB CBBH)
The HTB CBBH certification evaluates individuals' proficiency in bug bounty hunting and web application penetration testing. Those holding this certification will demonstrate intermediate-level technical competence in these domains. Additionally, they will have the ability to evaluate the risk exposure of web applications, services, or APIs and generate both commercial-grade and actionable reports.
HTB Certified Defensive Security Analyst (HTB CDSA)
Professionals with HTB CDSA certification demonstrate proficiency in security analysis, SOC operations, and incident handling. At an intermediate level, they exhibit technical competence in these domains, enabling them to identify security incidents and recognize detection opportunities that may not be readily evident in the available data. These individuals excel in thinking creatively, connecting diverse data points, persistently exploring different angles to assess the full impact of an incident, and producing effective security incident reports.
The HTB Certified Web Exploitation Expert (HTB CWEE) focuses on building a mindset around risk mitigation and vulnerability identification, using various advanced and modern vulnerabilities as demos. This approach not only helps in identifying all of the covered vulnerabilities in the path but also others that are based on the same concepts or attack principles.
HTB Certified Active Directory Pentesting Expert (HTB CAPE) is a highly hands-on certification assessing candidates' skills in identifying and exploiting advanced Active Directory (AD) vulnerabilities. HTB CAPE certification holders will possess technical competency in both internal and external AD and Windows penetration testing, understanding complex attack paths, and employing advanced techniques to exploit them. HTB CAPE certification holders will demonstrate proficiency in executing sophisticated attacks abusing different authentication protocols such as Kerberos and NTLM and abusing misconfigurations within AD components such as ADCS, WSUS, Exchange, and Domain Trusts. Furthermore, they will be adept at leveraging specialized tools to exploit AD from Linux and Windows and utilizing Command and Control (C2) frameworks for post-exploitation operations.
Managing Exams for Enterprise Admins
As an Administrator, you can allocate vouchers to users who have successfully finished the path for the exam. These users must have achieved 100% completion in their respective Role Paths. To assign a voucher, follow these steps: go to an Academy Lab Space, click on the "EXAMS" tab, select the desired exam from the drop-down menu, and allocate a voucher to a user by clicking on "ASSIGN."
You can also configure the auto-assign feature, which will automatically assign users a voucher when they complete a Role path.
After assigning an exam voucher to a user, you can see their attempt number, tries, and their report submission date and status.
If you wish to disassociate a voucher from a user, you can do so by selecting the three dots in the last field and removing it. Please be aware that this action will erase any ongoing exam attempts, retakes, and any pending reports awaiting grading.
Please don't remove users from the lab until their attempt is reviewed and graded. Removing them before that will automatically delete their attempt.
Users have an unlimited number of attempts to pass the exam successfully. However, it's important to note that there are two (2) available tries provided for each user. This is because each attempt comprises an initial take and a subsequent retake (following examiner feedback). In the event that a user doesn't pass during the retake, they can start the exam again using the same exam voucher.
You get as many vouchers as your Academy seats, and you can also purchase more vouchers. Each voucher comes with unlimited tries to take the exam. Once the exam is passed, the voucher is considered used.
Exam Expired/Failed
A report must be uploaded in every exam take within the deadline. Failing to do so will cause the exam voucher to expire, and users will not be able to attempt the exam going forward. In this case, exam attempts can be re-enabled as follows.
Navigate to an Academy Lab Space and click on the "EXAMS" tab.
Identify the user whose exam expired.
Click on the three dots next to the user's expired exam and choose "Remove".
Re-assign a voucher for the user to retry the exam.
The same steps above also apply to a failed exam attempt. Remove it and assign a voucher again. Importantly, there will be no loss of vouchers for re-attempts.
Exams for Users
As a user, once your admin has allocated a voucher or you've been automatically assigned one through the Auto-assign upon completion feature, you'll be able to locate the exam upon entering the lab. You can view details such as the number of attempts available, the trial count, and a button to Start the exam.
Only one examination process can be active at a time. Concurrently, going through two examination processes is not supported to preserve the integrity of the exams.
During the final 14 days of your organization's subscription, you won't have the ability to initiate an exam. This is because the grading period and any potential retake would extend beyond the subscription period.
Go through the relevant exam details, and when ready, press the "ENTER EXAM" button to start the actual examination process.
A report must be uploaded in every exam take within the deadline. Failing to do so will cause the exam voucher to expire, and you will not be able to attempt the exam going forward.
If you fail the first take, an HTB Academy instructor will identify areas where you are lacking and provide constructive feedback for improvement. The instructor’s feedback will be available on your Academy Lab Space, "VIEW RESULT". The results will be presented to you within twenty (20) business days (usually sooner).
You have 14 days to take the second attempt after you got your feedback, failure to do so will result in an expired voucher and a new voucher must be assigned to you.
In the event of a failure on the second try, a mandatory 14-day cool-off period must elapse before attempting the exam again.
View Certifications
After successfully acquiring your certificate, you can access the 'My Profile' page and navigate to the 'Certificates' tab. In this section, you can view your Academy certificate, as well as any Prolab/Cloud lab certificates.
Exam Deadlines
HTB Certified Defensive Security Analyst (HTB CDSA) | 7 Days |
HTB Certified Penetration Testing Specialist (HTB CPTS) | 10 Days |
HTB Certified Bug Bounty Hunter (HTB CBBH) | 7 Days |
HTB Certified Web Exploitation Expert (HTB CWEE) | 10 Days |
HTB Certified Active Directory Pentesting Expert (HTB CAPE) | 10 Days |
For more information on the Enterprise Platform, visit our Enterprise Help Center: