Offensive Security: OSCP & OSCE — TechExams Community https://community.infosecinstitute.com/ Thu, 21 Mar 2019 07:26:29 +0000
OSCP Prep 2019 and CISSP - Advice https://community.infosecinstitute.com/discussion/135018/oscp-prep-2019-and-cissp-advice Mon, 04 Mar 2019 17:56:05 +0000 Offensive Security: OSCP & OSCE ger_saf 135018@/discussions
I need your advice and recommendation between OSCP and CISSP.
I am certified already on CISA and CISM in 2018 and I am looking for another security professional certificate to do this year.
Also, in Sept 2017, I tried CISSP after 3 months of preparation and failed.

In brief, since I have CISA and CISM certificates, do I still need to try CISSP again, or can I do OSCP?
I am an InfoSec guy (5 years) in my company, with network and system IT experience (5 years).

Any advice?
OSCP questions for starter https://community.infosecinstitute.com/discussion/133230/oscp-questions-for-starter Sun, 05 Aug 2018 22:30:40 +0000 Offensive Security: OSCP & OSCE mirror51 133230@/discussions
I have a few questions about the OSCP exam.

1. Are all machines for OSCP (like Windows, Linux) 32-bit or 64-bit? I mean, do I need to do SLAE32 and SLAE64 as well?
2. For OSCP, do I need to know Assembly language and GDB in depth? I mean something like writing from scratch.
3. How much C programming do I need to know for OSCP?

The reason I am asking is that my next target after OSCP is OSCE, so I am collecting materials from everywhere.
I started with Assembly language, GDB, C programming etc. and it looks like I am down the rabbit hole, so I was thinking maybe first get OSCP and then concentrate on low-level stuff.

Any ideas?
Discord OSCP Channel https://community.infosecinstitute.com/discussion/127097/discord-oscp-channel Sat, 20 May 2017 23:17:28 +0000 Offensive Security: OSCP & OSCE rex0r 127097@/discussions
I am still managing the Discord channel for OSCP (along with some other fine admins) and we are still very active. If you would like to join the channel here is a link: *deleted*

I will be taking this link offline in a few days.

When you join please take a look at the welcome channel and the bulletin channel, and then introduce yourself in the general channel. Stay active while you're in it!

Thanks everyone and TRY HARDER!
OSCP Preparation 2018 https://community.infosecinstitute.com/discussion/133748/oscp-preparation-2018 Thu, 27 Sep 2018 08:37:02 +0000 Offensive Security: OSCP & OSCE JPCISSP2012 133748@/discussions
I've been preparing myself for the PWK course and OSCP exam eventually. If you want to check out my progress, please access my website https://www.jpsecnetworks.com/week-1-oscp-preparation-lab-setup/ .

Regards,

JP
OSCP Prep - Virtual Hacking Lab https://community.infosecinstitute.com/discussion/128779/oscp-prep-virtual-hacking-lab Wed, 23 Aug 2017 23:16:01 +0000 Offensive Security: OSCP & OSCE asurania 128779@/discussions
Has anyone taken a look at this

https://www.virtualhackinglabs.com/

Seems like it covers most of the OSCP material with 30 labs.

I think with Penetration Testing by Georgia Weidman and the Codecademy Python course it is perfect
OSCE and SANS GXPN https://community.infosecinstitute.com/discussion/134695/osce-and-sans-gxpn Sat, 19 Jan 2019 21:12:25 +0000 Offensive Security: OSCP & OSCE Higgsx 134695@/discussions

I passed the OSCP exam last year. I had a topic opened here; if you're interested you can reach that topic and read my road :)

Recently I have the opportunity to obtain GXPN and OSCE training budget. What will be the most correct way of taking them?

GXPN -> OSCE
or
OSCE -> GXPN

Please express your opinions :)
Interesting article - It’s Time to Move on from Offensive Security Certifications https://community.infosecinstitute.com/discussion/134006/interesting-article-it-s-time-to-move-on-from-offensive-security-certifications Tue, 30 Oct 2018 08:13:14 +0000 Offensive Security: OSCP & OSCE cyberguypr 134006@/discussions
https://veteransec.com/2018/10/30/opinion-its-time-to-move-on-from-offensive-security-certifications/

Excerpt:
"Having an OffSec certification meant you had a good baseline of hacking knowledge and were well-prepared to handle a real-world job. However, in my opinion (and having two OffSec certifications), the certifications just aren’t worth the money any more."
OSCP - VM Update Question https://community.infosecinstitute.com/discussion/134453/oscp-vm-update-question Mon, 17 Dec 2018 21:55:07 +0000 Offensive Security: OSCP & OSCE gphilips 134453@/discussions
I've read both arguments for using the OS-provided Kali VM specifically made for the PWK coursework, as well as using the most current and patched Kali builds.

Not sure there is a consensus, as OS says to use the specially built one, and some reviewers have claimed to have issues performing some tasks due to deprecation and what not.

However, for anyone who has recently gone through PWK, which did you use? Any advice? Did you apt update the PWK VM at all, or just add in specific tools you found you needed?
ECPPT comparing with OSCP https://community.infosecinstitute.com/discussion/118971/ecppt-comparing-with-oscp Fri, 15 Apr 2016 09:20:29 +0000 Offensive Security: OSCP & OSCE Matx91 118971@/discussions
which os ecppt? I heard that they use old method and they didn't update them

Is that right?
Cracking the OSCE https://community.infosecinstitute.com/discussion/133633/cracking-the-osce Thu, 13 Sep 2018 21:01:04 +0000 Offensive Security: OSCP & OSCE ottucsak 133633@/discussions

This will probably be longer as my only experience with low level stuff is from OSCP and CTFs, so my first step is to get familiar with Assembly. To tackle this, I'm taking SLAE and SGDE (GNU Debugger) first, with plans to pay for OSCE in October and start November-ish.

I have a mixed goal here. First I want to be better at binary/low level exploitation, plus I want to challenge myself and tackle OSCE. I mean it looks good on the CV, doesn't it? :)
eLearn Security vs Offensive Security https://community.infosecinstitute.com/discussion/98588/elearn-security-vs-offensive-security Mon, 10 Mar 2014 23:22:55 +0000 Offensive Security: OSCP & OSCE NovaHax 98588@/discussions

COURSE MATERIAL:

- Offensive Security's course material consists of a large PDF document and a series of videos

- eLearn Security's course material consists of a series of slide shows and a series of videos

WINNER??? - eLearn Security
I think that eLearn's course material was better presented and easier to digest. The slideshow approach was more straight to the point without the extra fluff.


LABS:

- Offensive Security offers a massive playground with 50+ systems of all different configurations. Don't expect any guidance here...TRY HARDER.

- eLearn's labs are very focused. Launch a single system sandbox and perform a very focused task. You know what you are going to be doing going into it, and you just have to master that one thing. You need guidance...just keep "asking Cicero" for tips and he will eventually tell you exactly what you need to do to complete the challenge. Don't worry about trying harder...instead, TRY ASKING FOR HELP...

WINNER??? - Offensive Security
Personally, I think that OffSec, though more frustrating...does do a better job of preparing you for the challenge. It's tempting to click for help when you are frustrated...and the fact that it's there will probably hurt you more than help you.


CHALLENGE EXAM:

- OSCP is a 24 hour challenge with an additional 24 hours allowed for reporting. In the end...the OSCP challenge is NOT NEARLY as difficult as some of the boxes in the OffSec PWB/PWK lab environment.

- eWPT is a 7 day challenge with an additional 7 days available for reporting. In the end...the eWPT challenge is SIGNIFICANTLY harder than anything you did in the lab environment. Though you have covered everything needed to pass the exam, the only time you will string the exploits together (instead of working with them in an isolated sandbox) is during the challenge. If you mastered each of the objectives, you can probably pull it off...but it will be difficult. The 7 day reporting period is overkill...I had my report turned in after 2 days.

WINNER??? - IT'S A TIE
The eWPT exam is (at least in my opinion) significantly harder than the OSCP exam was. But then again, you also have a lot longer to do it. I think they were probably equally difficult given the amount of time you are provided. I passed both on my first attempt, but both were down to the wire (only had 3 hours left when I completed OSCP, and down to the last day on eWPT).

FINAL VERDICT:
Despite what I have commonly heard...eLearn's training is definitely not inferior to OffSec's. It's a different approach to learning, but all-in-all, each provides you with enough to get you going. And you aren't going to pass either without some serious persistence. Both are awesome courses. Also, they are very different courses. eWPT is only on Web-Apps and OSCP is almost exclusively on service testing (a very small intro to web-apps). There is no appropriate order here. One is not harder than the other. So take what interests you more...or take them both

Hope this helps...
eCPPT or Go Straight to OSCP? https://community.infosecinstitute.com/discussion/129419/ecppt-or-go-straight-to-oscp Wed, 04 Oct 2017 15:50:44 +0000 Offensive Security: OSCP & OSCE ZzBloopzZ 129419@/discussions
I am torn between which certification to go for next: eCPPT or OSCP?

I took the eJPT beginning of this year and absolutely LOVED the content and structure of the exam. The way they designed the course I truly learned. In fact to really internalize something you need to go through it 3-4 times. eJPT you read the slides first, then watch the videos then do the lab. 3x by default if you do everything. Then you use some of the previous skills you picked up to do more advanced things through the course. It is my understanding the eCPPT is eLearnSecurity's main course where they spent the most effort on.

For the next 6 weeks, I am going to be learning Python and Bash. Then spend a solid week on Linux fundamentals as I am rusty. I have been in IT for over 10 years and really done almost everything outside of programming/development. I am currently a pen tester at work but main focus on web apps. I use Kali almost daily.

Think I should do the eCPPT or jump straight to the OSCP? My main hesitations with eCPPT is do I really want to spend $1099 then have to pay $1100 weeks after passing for OSCP. I am in DC area and hardly anyone has heard of eCPPT but OSCP does have that killer reputation so I do need/want OSCP for sure.

I am excited no matter which cert I decide on first as these are something I want to do and not necessarily need to do.

Appreciate any feedback!

P.S. I know eLearn does black friday sales. Searching around I did not see the eCPPT course itself being on discount last few years. I know there is the full bundle but that is not worth it to me as not too interested in the other courses per reviews.
Passed Offensive Security Certified Expert (OSCE) https://community.infosecinstitute.com/discussion/133900/passed-offensive-security-certified-expert-osce Tue, 16 Oct 2018 09:01:11 +0000 Offensive Security: OSCP & OSCE securitychops 133900@/discussions
The Course
Some might argue that the course material is getting a bit dated, as a lot of the techniques are a bit older. I would still disagree with that after having taken the course. While it is true that a lot of the techniques learned/explored in the course are not cutting edge I was blown away at how relevant they still are. For example, I supplemented additional exercises in the course with attempting to locate zero days in "current" software and was amazed at just how many applications are still built for x86 without SafeSEH, DEP or ASLR being enabled on the libraries, etc. So while the course is a bit older I still found it very useful! Plus, I was actually able to find a few zero days in some older software that I am in the process of responsible disclosure on right now!


How I Prepared
OSCP: While this is not strictly required in order to pass the OSCE, I would still highly encourage going through it first. It absolutely gave me a leg up on several of the areas in the CTP.


SLAE: I absolutely can not stress enough how much this course helped me in preparing for the OSCE. If you are not already completely comfortable slinging custom shell code then truthfully, this is going to be the best money you can spend in preparing for this. I absolutely think taking this course is directly related to me passing on my first try. See my previous post about taking the SLAE here: http://fresh-time.co.uk/?exam=forums/security-certifications/132948-passed-securitytube-linux-assembly-expert-slae.html


VulnServer: I fuzzed and broke vulnserver in every single way that I could think of, and the time that I spent on it was absolutely paid back to me tenfold. I highly recommend it. Here is a link to my GitHub for the vulnserver exercises/exploits if you would like additional information on it: https://github.com/securitychops/exploits/tree/master/vulnserver/windows/x86


Zero Days: I spent more hours than I care to tell you just sitting at my computer in a Windows XP SP3 Virtual Machine fuzzing older applications that I found on places like Tucows and MajorGeeks. In the end it was time well spent again, as each of those exploits/zero days taught me a world of information I otherwise would not have known!


Conclusion
Again, I am super excited to have passed this and would recommend it to anyone who has any interest in exploring more about exploit development!


My plan at the moment is to take a few weeks off and then roll directly into the x64 version of the SLAE: x86/64 Assembly and Shellcoding on Linux « SecurityTube Training


After the SLAE64 I can only hope to be lucky enough to figure out a way to go for the OSEE ... but that is a problem for another day!
Best training / cert in prep for OSCP https://community.infosecinstitute.com/discussion/133792/best-training-cert-in-prep-for-oscp Tue, 02 Oct 2018 13:16:37 +0000 Offensive Security: OSCP & OSCE th3bl00dyn1n3 133792@/discussions
I have an end goal in that I'm looking to study for and pass the OSCP.

A few blogs and guides have suggested cracking on with 'Hack the Box' first, and after signing up for the VIP package and watching a load of IppSec videos, I've realised I'm a fair way off being in a position to start with the OSCP training. Whilst I've been working in the world of cyber security for a few years now, the intricacies of a buffer overflow or XSS escape me.

I'm looking into online training and certifications that should provide the required background learning needed before OSCP, and I'm currently leaning towards eLearnSecurity's pen tester courses.

Would others agree that maybe their PTS / PTP courses are a good place to start? Or can anyone suggest alternative courses offering a decent level of background training which would act as a good stepping stone to OSCP.

Also, is the junior PTS course really required if you're thinking of doing the advanced PTP course?

Really appreciate any opinions put forward. Many thanks.
Not Another OSCP Blog https://community.infosecinstitute.com/discussion/132807/not-another-oscp-blog Sat, 30 Jun 2018 23:27:45 +0000 Offensive Security: OSCP & OSCE ottucsak 132807@/discussions

My preparation for the OSCP was completing the eLearnSecurity PTP course, which refreshed my pentesting skills and showed me that I can do offensive stuff if I want to. As I said earlier, I failed because I was lazy, so I will try to go all in this time. Read all the chapters, complete all the exercises, root as many machines as I can and try harder. I have no lab time currently, I'm writing the scripts for the exercises 'offline', so I will just need to run them once I renewed and anything that I can do without the labs (DNS or the bash scripting) I do it now.

Currently I finished 50% of the book including both stack overflows and plan to renew my lab right after I finished all the videos. Right now, I have no problems with the materials or the exercises, either I got much more experienced or I'm actually investing time into studying instead of blindly pwning the lab machines. Either way, I'm eager to get back into the labs and gain more experience.
OSCP materials question https://community.infosecinstitute.com/discussion/133364/oscp-materials-question Sat, 18 Aug 2018 08:32:28 +0000 Offensive Security: OSCP & OSCE josephandre 133364@/discussions
I have 72 videos, with the last being how to use searchsploit. Nothing covering RFI, LFI, SQL injection, Password attacks or proxy chains. Can someone else registered for the course verify the total amount of videos? Going to have to repurchase, but just want to make sure first.

Thanks
OSCP Review https://community.infosecinstitute.com/discussion/132306/oscp-review Mon, 14 May 2018 13:25:44 +0000 Offensive Security: OSCP & OSCE Techand$$ 132306@/discussions
I just passed my OSCP exam and I'm currently on cloud nine:)! Since I got a lot of information from this forum I would like to give some feedback regarding my journey towards the OSCP exam. My background: Network security and auditing with almost nonexistent knowledge in: scripting/programming, SQL, Buffer Overflow and Linux.

So the first stage of my preparation started off with Georgia Weidman's book. I would highly recommend (for anyone like me starting off in pen-testing) to read this book from end to end and complete all the tasks as you go along. This book will help you decide whether you would like to continue your journey towards OSCP or pen-testing in general.

Next up, HacktheBox. This website will give you an almost similar feel to the OSCP lab environment. In my opinion, this website by itself wouldn't have added much value to my learning experience if it wasn't for IppSec's well-articulated, easy-to-understand write-up videos on YouTube. At the end of it, I had rooted around 40 machines, also I tried to avoid newly released hard boxes and mostly targeted easy to medium boxes and all the retired boxes.

Next I downloaded and solved all the VMs suggested by Abatchy's blog which had around 15 VMs listed. Also note that till now I had never managed to compromise a box single-handedly, I always had to rely on hints or write-ups.

After being convinced I had all the basics in place I went on to sign up for the 90 days OSCP lab, within 40 days I had solved around 45 machines which included all the hard boxes, again I must have solved maybe 2-3 machines all by myself, for the rest I had to rely on hints from the OSCP forums.

I had booked the exam for June end, but the excitement about giving the exam (or sizing it up :)) forced me to jump the gun and book it this month. The exam was a different experience altogether, so without saying much and repeating what is already mentioned, in short: exploiting around 100 machines gave me a 75% chance of clearing the exam. I was borderline close, also I'm sure it was the reporting that helped push me towards the 70 point mark, but in the end I was really glad that the effort paid off.

Overall I'm sure given time and practice anyone can pass the OSCP exam (or any exam, or anything). So for those attempting to get this certification I wish you guys best of luck! Cheers :)
Finally an OSCP - Here's my Update! - Lewisecurity https://community.infosecinstitute.com/discussion/133574/finally-an-oscp-heres-my-update-lewisecurity Fri, 07 Sep 2018 02:36:13 +0000 Offensive Security: OSCP & OSCE Lewisecurity 133574@/discussions
I know it has been a long time. But it is finally here! My OSCP Review:

https://www.lewisecurity.com/i-am-finally-an-oscp/

Check it out!
My OSCP Epic Journey https://community.infosecinstitute.com/discussion/129755/my-oscp-epic-journey Thu, 26 Oct 2017 12:02:04 +0000 Offensive Security: OSCP & OSCE clarkincnet 129755@/discussions
This was not a decision I made lightly and it only came after a few months of consideration and pondering during my wife’s imposed "summer vacation of NO STUDYING". Because I am goal driven, I tend to need a “big goal” to work towards in order to move forward. Without an overall goal or purpose, I tend to start lots of projects and then move on to something else without ever completing anything.

My overall plan is this:
1 – general focused study on “the basics” for 2017 Q4
2 – focused study on eCPPT during 2018 Q1
3 – focused study on OSCP during 2018 Q2

I’ve combed the forums and read the majority of OSCP threads for help in developing a plan. I’ve also read many blogs and articles from people who passed the exam (as well as those who have unsuccessfully attempted it and stopped). Below are the steps and progress I have made since October 1 (almost one month in). I’m not publishing the resources I have not started yet because that list is quite long…

Courses
Cybrary.it Course: Penetration Testing and Ethical Hacking by Leo Dregier
Source: https://www.cybrary.it/course/ethical-hacking/
Status: COMPLETED

Cybrary.it Course: Advanced Penetration Testing by Georgia Weidman
Source: https://www.cybrary.it/course/advanced-penetration-testing/
Status: COMPLETED

Zercool Wireless Penetration Series
Source: https://www.youtube.com/channel/UCX-K9aANFs6FLNNFP176nCg
Status: COMPLETED

LearnPython.org
Source: https://www.learnpython.org/
Status: COMPLETED

Codecademy Course: Learn Python
Source: https://www.codecademy.com/learn/learn-python
Status: COMPLETED

PentesterAcademy: Network Pentesting
Source: Network Pentesting
Status: IN-PROGRESS, currently on video 13/83

Udemy Course: The Complete Ethical Hacking Course: Beginner to Advanced
Source: https://www.udemy.com/penetration-testing/
Status: IN-PROGRESS, currently on video 14/113

Books
Nmap: Network Exploration and Security Auditing by Paulino Calderon
Status: COMPLETED (read)

Nmap Network Scanning by Gordon “Fyodor” Lyon
Status: IN-PROGRESS, currently on page 59

Penetration Testing: A Hands-on Introduction to Hacking by Georgia Weidman
Status: IN-PROGRESS, currently on page 180

Lab/Vulnerable VMs
Kali
Metasploitable2 – learning platform for the tools.
Windows XP, Windows 7, Ubuntu – loaded with various vulnerable software from exploit-db as I’ve followed along in courses and books.
VyOS virtual router – test nmap scans behind router configurations
OSCP - Perseverance Journey https://community.infosecinstitute.com/discussion/132789/oscp-perseverance-journey Thu, 28 Jun 2018 22:26:26 +0000 Offensive Security: OSCP & OSCE Perseverance 132789@/discussions
Quick background:
Master degree student with 3 years of IT professional experiences on ERP, programming and data management stuff.
Zero experiences on pen-testing and newbie on info-sec field.

More detail about my background and preparation can be found here:
https://arvandy.com/oscp-preparation

Week 1: https://arvandy.com/oscp-first-week
Week 2: https://arvandy.com/oscp-second-week
Week 3: https://arvandy.com/oscp-third-week
OSCP (starting 13/12/2015) https://community.infosecinstitute.com/discussion/116262/oscp-starting-13-12-2015 Wed, 23 Dec 2015 04:15:20 +0000 Offensive Security: OSCP & OSCE Sheiko37 116262@/discussions
My background:
  • 5 years as a Security Analyst (policy, compliance)
  • <6 months as a Vulnerability Analyst
  • SSCP, CISSP
Coming into the course my TCP/IP and networking knowledge is good but non-technical, or hands on. Linux command skills are minimal. Bash scripting, Perl, Python, C, etc. is almost zero.


I'm honestly in over my head and one week in already disappointed with the lack of actual education in the videos and manual. The majority of the exercises for the first half of the book are effectively repeating the example they just demonstrated, i.e. "if we do ABC we'll get XYZ - now you try ABC and see if you get XYZ", so you're on your own educating yourself further about most topics. I'm very lucky I have a friend and colleague who've both passed the OSCP, and a penetration tester as my manager.

I'm very interested in getting involved in a study group with anyone doing the OSCP starting now for the next 3 months, an IRC channel, Skype, whatever, the knowledge acquisition would be exponential with a team based approach to this material.
OSCP will now be proctored. https://community.infosecinstitute.com/discussion/133107/oscp-will-now-be-proctored Wed, 25 Jul 2018 22:24:06 +0000 Offensive Security: OSCP & OSCE JoJoCal19 133107@/discussions
At work our pentesting Manager posted in a Slack thread that when they were looking for a pentester in APAC, he must have interviewed 100 OSCPs that couldn’t explain how to conduct an actual pentest. I’m for proctoring but I have reservations as I want to make sure if I have to give up my privacy that it’s a reputable proctor.
Pentesting - worthwhile to pursue MCSA? https://community.infosecinstitute.com/discussion/133152/pentesting-worthwhile-to-pursue-mcsa Sun, 29 Jul 2018 14:55:51 +0000 Offensive Security: OSCP & OSCE yoba222 133152@/discussions
I wonder if there's much ROI in studying for an MCSA -- something like server 2016 or even Windows 10.
I'm glad I took the time to study for and obtain the LFCS last year. In retrospection, it felt like maybe not the most efficient way to boost my pentest skills on the Linux side.

So MCSA. I don't really need this cert from a resume perspective. Waste of time spent learning something else more relevant? The goal really is better pentester and I have a lot to learn.
Cracking the Perimeter: Journey to the OSCE https://community.infosecinstitute.com/discussion/132885/cracking-the-perimeter-journey-to-the-osce Sun, 08 Jul 2018 19:59:55 +0000 Offensive Security: OSCP & OSCE Mooseboost 132885@/discussions
The OSCE seems to be a mountain of a challenge. I have minimal coding experience and no dev experience. I don't know C code and I don't know ASM. I messed with Java and C++ many moons ago. I haven't touched either since I was 14 and a curious lad in my AP Programming class. Looking back I regret not going down the path I wanted so bad. Life happened and now I am ready to grab that passion again and drive on. I've developed a rough plan that I think will help me prepare for the course. There isn't really a set timeline like there was with the OSCP. I'm looking to take my time and really understand things. There are a lot of gaps that will need to be filled. I don't want to *just* pass the course. I want to fully understand what it is that I am doing.

The outline:

- SLAE course, 32bit and 64bit. The OSCE is 64bit, but again my goal isn't to just do what I need to pass.
- Corelan, SecuritySift, and FuzzySecurity exploit writing tutorials.
- Reverse Engineering / Exploit challenges.
- Finding vulnerabilities on Exploit-DB and trying to recreate them on my own.
- Finding older software and trying to find 0day / new vulnerabilities.

I've already purchased the SLAE courses. Tulpa Security's OSCE review had a discount link that netted me both versions of the course for $199. That was too good of a deal to pass up! I won't be diving hard-core into the course every day all day like I was with the OSCP. The OSCP was for my career and had a hard-set timer on it. The OSCE is for me, so I want to take my time and enjoy the process of getting to where I need to be. If it takes me a year, then it takes me a year.

Here we go!
OSCP - Try harder... again. https://community.infosecinstitute.com/discussion/132310/oscp-try-harder-again Mon, 14 May 2018 15:53:54 +0000 Offensive Security: OSCP & OSCE Mooseboost 132310@/discussions
I signed up for another 90 days. The lab doesn't feel any different than it did before, so I don't think any of the machines have really changed. On the plus side, I have some real world pentesting experience under my belt now, so hopefully, I can apply what I have learned.

Here we go, round 2!
OSCP journey starts 4/29/17, Lets go! https://community.infosecinstitute.com/discussion/126135/oscp-journey-starts-4-29-17-lets-go Mon, 03 Apr 2017 22:28:32 +0000 Offensive Security: OSCP & OSCE Blucodex 126135@/discussions
I've been reading the forums and think I have an idea as to how much time I will need to put in. I signed up for 90 days of lab access. This next month I'll be working on the boxes at vulnhub, reading, reading, and I'll be putting together a binder with commands, tips, and techniques that I learn this next 3.5 weeks.

Any advice or relevant chat group recommendations are welcome and appreciated. In a perfect world I'll get this done right before I head to DefCon this summer.
Is It OSCP Time? https://community.infosecinstitute.com/discussion/132864/is-it-oscp-time Fri, 06 Jul 2018 09:16:21 +0000 Offensive Security: OSCP & OSCE globalenjoi 132864@/discussions
I'm hoping to get some feedback for some OSCP decision making. I'm thinking about purchasing the PWK course with 60 days of lab time. I'm taking the GWAPT next week and once I'm done, my training schedule should be free for the next few months. At the GWAPT training, I was encouraged to go ahead and start the course...

I'm curious though... am I ready? Over the last year, I've completed the GPEN and GCIH. I've been working my way (slowly) through the eLearnSecurity PTP course material, and just started the System section with all the buffer overflow stuff. I feel pretty comfortable with the pentest stuff, but I know I still have a lot to learn. I've been doing web app pentesting as a job for about 6 months now. Am I at a point where I could realistically pay for the course and 60 days of lab access, and be ready for the exam at the end of the lab time?

Appreciate any input or feedback!
Failed OSCP attempt #1 https://community.infosecinstitute.com/discussion/132668/failed-oscp-attempt-1 Tue, 19 Jun 2018 22:43:51 +0000 Offensive Security: OSCP & OSCE meni0n 132668@/discussions
My downfall was the buffer overflow box. For the life of me I couldn't get it to work and spent way too much time on it, around 15 hours. I was able to root the 10 point box and get low privilege shells on the 25 and the other two 20 point boxes. But then I kept going back to the buffer overflow just trying to make it work. It kind of stings going down just due to that box but it's probably my persistence that did me in. If I would have spent all that time in privilege escalation on the three other boxes I would have passed but I was so intent on getting those 25 points, I just let it eat up all of my time.

For the record, I must say that I expected it to behave just what was taught in the training material and went step by step but for some reason the program kept changing the last four EIP digits for the JMP which was landing me in area of memory that I didn't want to be in. I tried so many things to fix it but just couldn't do it. I even started to think there might have been an error in the code of the program. I just wish they would have tested based off what is actually in the material/curriculum. It is a certification exam after all.

I submitted the exam report anyway along with the lab report and just waiting now for confirmation and for them to let me book another attempt hopefully next month.

Let that be a lesson, don't get hung up on one box. I felt getting a foothold on the other four machines wasn't very hard, I spent maybe a maximum of two hours getting low privilege shells and rooting the 10 point box. I'll just work on my privesc more and do some more buffer overflow tutorials.
OSCP 06-02-2018 Accountability Thread https://community.infosecinstitute.com/discussion/132468/oscp-06-02-2018-accountability-thread Tue, 29 May 2018 15:12:08 +0000 Offensive Security: OSCP & OSCE Moldygr33nb3an 132468@/discussions TL;DR: I signed up for 60 days (projected to go 90) of lab for the OSCP starting June 2nd. This will be my journal/thread from that day forward.

I was a little reluctant to record this, because whether one or several hold me accountable, someone is. This is to get me to put the games down for a few months, and put the Friday work week finales on hold. This is what I feel is necessary.

Background: I'm a skiddie at best. I do not have any professional experience in Penetration Testing/Red Team. I've read many books: Georgia's Penetration Testing book, David Kennedy's Metasploit book, and parts of Gray Hat Hacking, Art of Exploitation, and Violent Python, and I've done a few Udemy courses for fun. I just received the new Hacker's Playbook.

Strengths: I enjoy this. I spend nights playing with VulnHub for fun. For most of the VulnHub machines I've done, I used Metasploit and msfvenom. (Mind you, this was just because I was trying to learn Metasploit.) I completed eJPT relatively quickly (I know, not even comparable). I understand networking and it is my full-time job.
I have an entire workspace (converted the dining room) in my home with two 32-inch monitors and a dry erase board. May go 3 monitors. Depends. This will be command and control. Lots of desk space.

Weaknesses:
Dev skills are mediocre at best. I can read, understand, and modify programs and scripts, but writing them from scratch is a whole different ball game. Python and Bash are the only two that I am relatively competent in, in comparison to the others. I could never get a job as a dev.

Opportunities: None. This is just for fun. I'm Pvt. Joker in the rear with the gear in FMJ wanting to experience "the suck" that everyone talks about. I want that "stare." There is no financial gain or bragging rights because nobody in my workspace or friends circle knows wtf offensive sec is.

Threats: Time. External Influences. Friends and coworkers won't understand the purpose and I don't have the patience or time to explain. They will attempt to drag me out of my cave. They will bother me for the next 90 days to go out to eat. Drinks. Play some PUBG or State of Decay 2. GF will do the same, but I told her to put her feelings in autonomous mode because she will become irrelevant most of the week. (Relax, I'm being facetious.)

Schedule:
Sat June 2nd is D-DAY. Just as it's been said many times before: Print and read the PDF > Complete the exercises > Hit the labs > Test.

Days:
Work M-F 630-3pm: (I can make time to read). Problem with my work environment is it goes 0-100 real quick so it can be difficult to get some time to read. This is time I won't be able to do any labbing or exercising. Just reading. I may bring a laptop on the days I decide to stay after work and sneak a few labs in, but I can't count on it because despite my private network, it doesn't look good to have Kali Linux with text streaming down the screen in a secured environment. Then again, I doubt anyone would know what I'm doing and I could just say I'm "programming" before the curious scurry off.

Off-time M-F 4pm-9pm: This is when I can complete exercises and labs. I will sneak my daily 12-15 minute catnap to stay refreshed. I imagine my coffee maker will go kaput sometime around here in this window.

Sat - Sun: These will be my sprint periods. 9am - 9pm. With 1-hour lunches and maybe a 15min snooze somewhere in there. Saturdays can go into overtime beyond 9pm. Crash modes in case I fall behind. (I will.)

Month 1: I want to be completely done with the PDF and Exercises. I will cross out the syllabus as I go. I want to make sure I have a solid understanding of this "method" everyone speaks of.

Month 2: Labs Labs Labs! July 31st, I want to be complete with the Labs!

Month 3.
Overtime. I know the Threats are stronger than I make them out to be. I know I will get burned out and will need a day break or so. Going to the bar and gassing up with the friends maybe. Hell, I may even cut those evening breaks short just to come back home and attempt the impasses in a more relaxed state.
I want to complete all the labs. I already have a large white sheet of paper pulled out where I will mark everything based on what I believe the difficulty is. HVTs will be the hardest ones. They will be the Aces. That way, if they turn out to be easy, it will surprise me. I will put them in order based on names and enumeration.
If I feel comfortable by day 90, based on what I have read, I will schedule the exam. I don't see this being the case, but I don't really know what I am in for either. I am open to a Month 4.

Who Should Follow:
n00bs, nubs, noobs, newbies, newbs, skiddies. In regard to pentesting, I'm a noob.

I will try to update daily. No promises. But I want to so I can stay accountable and of course use it to reread one day. I may look at official updates weekly with the occasional daily vents.

Footnotes: Maybe I'm overthinking this. I don't know. I'm not an optimistic person so this could just be my natural thinking habits. My chances of success, I believe, without knowing anything is 80%. This is an optimistic outlook, but I believe I should say 100%, but I can't. There is a chance I will fail, and when I say fail, I mean quit. Why? No idea. I'm just being pessimistic.


See you June 2nd!
Journey to OSCP - Update 4 - 30 Boxes Down! https://community.infosecinstitute.com/discussion/132709/journey-to-oscp-update-4-30-boxes-down Sat, 23 Jun 2018 13:12:38 +0000 Offensive Security: OSCP & OSCE Lewisecurity 132709@/discussions
Here is my latest post about the OSCP. Hope you enjoy!

https://www.lewisecurity.com/journey-to-oscp-update-4/