I Have Passed CDSA Exams
I have been a huge fan of HackTheBox Academy for the last ≈75 weeks.
I prefer it over any other educational site because you cannot find walkthroughs providing answers for the modules, simply because it is prohibited and will get you banned for providing them. What this means is that you will have to actually try hard to finish the exercises, and every module has a final skills assessment that you will also have to clear, which requires you to think outside the box, combining many of the things that you have learned.
Finishing a module will lean your progress towards a certain certificate. By the time I took the exam there were 5 certificates available:
CPTS (Certified Penetration Testing Specialist), CDSA (Certified Defensive Security Analyst), CWEE (Certified Web Exploitation Expert), CBBH (Certified Bug Bounty Hunter), CAPE (Certified Active Directory Pentesting Expert) and a 6th one which got released just moments before I uploaded this article, called CJCA (Certified Junior Cybersecurity Associate).
Getting any of these certificates was not on my list. I would probably go for CPTS sometime in the future because it basically offers what OSCP does for a fraction of that price, and I have already cleared 60% of the required modules just because I enjoy pentesting domains. I have also cleared 50% of CBBH modules.
Ironically, I have suddenly decided to go for CDSA, for which I have only cleared 20% of the required modules, because of 2 reasons:
- I passed the BTL1 exams exactly 3 months ago (with a passing grade of 95%, achieving the gold coin) and I was looking forward to challenging myself more. BTL1 was a bit disappointing tbh and CDSA is many times harder than BTL1, but more on that later.
- Taking exams for a certificate that is based on modules that you finished many months ago might be challenging, since many of these modules, if you do not work in the field, will need to be revisited to refresh your memory. For CDSA I only needed to revisit that 20%, and honestly I never did since I knew I remembered them.
And so I started studying the remaining modules.
I had to clear 12 more modules before unlocking the exams (I had already cleared 3 of them in the past, hence that 20%). Most people need at least a few months to finish a certificate path (Job Role path, as HTB Academy calls them); it took me around 45 days for the remaining 12 modules, studying around 3h per day. After finishing all 15 modules, you have the ability to buy an exam voucher, which you will have to spend in 12 months, and if you fail the exams, as long as you provide everything even if it was wrong, you will be able to use it for a free retake.
I didn’t want to do any further studying / repeat finished content because I think that revisiting what you have learned over and over again will just stress you and won’t do any good. After buying the voucher I pressed the exams button just a day later.
STARTING THE EXAMS
CDSA exams are 7 days long and I had to take a week off from my work.
I do not want to give sensitive info about the content. You will basically have to find numerous flags from various indicators of compromise and write a commercial-grade report about them, and you will have to be able to understand how these attacks are connected. There’s also a second report that you will have to write, but there are no flags there; you are completely on your own, which makes it much harder to understand.
Insufficient to say that these exams are basically of intermediate level. What I did not like about BTL1 is the fact that it tells you where to find each piece of information, for example “open {insert name of application here} and find {insert type of info here}”. There is no guidance here; you will basically have to know how the operating system works and what each of the provided tools can do.
Another weird thing is that you will have to hash each answer before submitting it, which only adds unnecessary complexity to the whole procedure. Maybe they want to slow you down when submitting answers so you won’t be able to brute force whatever info you find that you may think is the right answer. That’s because you get unlimited tries for each question, while on BTL1 you only have 1 try, but do not let that fool you: finding the flags is the easiest part, and that is why a huge portion of the participants fail the first time and some of them also fail a second time.
It took me 3 hours to find the first flag, which was disappointing because you will have to find 20 flags, with 17 of them (85%) being a requirement if you wanna pass the flags part and move on to the report writing. You will get used to revisiting the same questions over and over again, hoping that some new evidence that you just found will help you answer any of the remaining ones. I had found 15 more flags before the end of the second day; I just needed one more flag to reach 85%. Well, that flag took me 6-7 whole hours, which discouraged me a lot, and I decided to skip the remaining 3 flags and just write the report.
After figuring out how these attacks are connected and writing the report, which took me a day mostly because I wanna make the report polished enough, I spent 1 1/2 more days on the second incident for both the investigation and the report writing. I still had 2 1/2 days left; I could submit my answers and the reports or just keep looking for the remaining 3 flags. I decided to keep looking after taking a nap, and all 3 of them took me just 1-2 hours more, showing how important it is to rest every few hours. So now I had 100% on flags, and 2 reports ready to be submitted (after editing the first incident with the new attack indicators).
GETTING THE RESULTS
Although you will know how many flags you got right, an examiner must grade your reports, and this is where most people fail. Since I do not work in cybersecurity, this was something new to me. If you’re like me, where English is not your first language, this can get even harder.
I submitted my answers and reports on 22/06/2025 (Sunday) and got the results on 05/07/2025 (Saturday) together with the examiner’s feedback. There are currently 535 people worldwide who have managed to pass these exams over a period of almost 20 months (CDSA came out in December 2023), and after posting the results on various socials, I got flooded with messages from members who want help so they can pass it first try or who failed to do so once or even twice.
You have been warned!
BUT THERE IS A “BUT”
And although the testing environment was great and I could stay connected for many days without disconnection problems, I cannot say the same about the results experience.
You are supposed to get an email confirming your success but I never got one. I actually was browsing HTB Academy and refreshed the page and saw 2 notifications, one on the badge option and one on the Exams option; that’s how I knew that I passed it. There is also a Credly badge that I wasn’t aware of and learned about 2 weeks later, and I also never got an email to acquire it. Support said that they can see that I have turned off email notifications (keep in mind that there’s no such option anywhere so I do not know what they are talking about, plus I always get email notifications about my monthly HTB subscriptions) and after messaging them a few times, they sent me the Credly link but not the email for passing the exams, which I wanted for archiving purposes. And the “I can see that you have turned off your email notifications” became an “I don’t know why you didn’t get one”. Sure, a minor inconvenience, but I would expect something better for such an effort.
The examiner’s feedback was also a bit disappointing because I saw the same feedback for multiple users on LinkedIn and other social platforms, so it was basically a copy-paste case.
CONCLUSION
This was the hardest certificate (up until now) and I felt really great when I saw the positive results. There’s also a physical certificate and an exclusive t-shirt that you can receive; I got the t-shirt and am waiting for the certificate. It’s also the first time in 3 years that I thought that I deserve a one month break from these cybersecurity sites which I used to visit daily. 😂
What’s next?
I thought I should go for CBBH, but CJCA looks sweet and probably easy to obtain based on my current level. I’m also looking at CCD from Cyber Defenders, which is probably the hardest blue team certificate, and then I will be able to say that I have earned all 3 major defensive certificates.
Still deciding.