I feel there’s some missing pieces to HTB CBBH training. Don’t get me wrong the modules are good but in my opinion doesnt prepare you fully for the exam. I had to found out there’s some golden nugget modules available that will be an advantage to complete.

Take a look at the learning process module:

https://sleeperhacks.gitbook.io/htb-academy-walkthroughs/other-modules/learning-process

The other module that was also mentioned by someone else, unfortunately I couldn’t recall but seems to be also valuable for learning black box testing.

External testing section of the Attacking Enterprise Networks.

The other one is the Documentation and Reporting module. ( not part of the CBBH path currently )

CBBH covers a broad range of web vulns but mastering the most commonly exploited attacks vectors are crucial.

Critical to understand how to exploit black box vulnerabilities.

Black box = PortSwigger Academy

And note all injections could be blind. I will add htb module links soon.

https://academy.hackthebox.com/course/preview/documentation--reporting