How was to take the CBBH as a newbie?

Hack The Box’s Certified Bug Bounty Hunter was my first hands-on certification.

Is it difficult?

I wouldn’t say the exam is difficult, but it does require some kill chains that may be challenging for beginners.

Some tips.

Besides the obvious—book some good time during the 7 days you have to complete the test and take notes (which are good tips), I would like to appoint some tips I would like I had before doing the test.

1. Chill, sit down. Don’t get overwhelmed about the time or the attack surface you have. You have enough time to do the exam in 7 days. Getting stressed may lead you to lose the brought perspective and will not be helpful.
2. Follow the pentesting methodology. Gather information, scan, enumerate…
3. If you did some HTB labs, or Academy modules (which you sure did), you will already know that things are there for a reason. Nonetheless, be sure not to push toward dead-ends for too long.
4. Somehow linked to the 1st one: read the webpage’s content, treat it as a real webpage.
5. There is no need to do the exam in the order the flags are listed. If you get stuck in one flag, you can just walk about to another one and come back later (Even though I would recommend gathering information from all portals before attempting any exploitation).