OSCP - VM Update Question

gphilipsgphilips Posts: 22Member ■■■□□□□□□□
I've read both arguments for using the OS-provided Kali VM specifically made for the PWK coursework, as well as using the most current and patchex Kali builds.

Not sure there is a consensus, as OS says to use the specially built one, and some reviewers have claimed to have issues performing some tasks due to deprecation and what not.

However, for anyone who has recently gone through PWK, which did you use? Any advice? Did you apt update the PWK VM at all, or just add in specific tools you found you needed?

Comments

  • securitychopssecuritychops Hunter of Bugs Posts: 43Member ■■■□□□□□□□
    I used their provided VM (VMWare) and would only update individual things as absolutely required, taking a snapshot first.  I recall having one or two issues with out of date cryto for things nikto, but for me their VM worked well enough for the purposes of the course/exam.  I did keep an updated copy of Kali and Windows 10 on standby should they be needed, but that was rarely the case for me. (I used my windows 10 box for hashcat work as I had a good video card in there for example)
    Certs : OSCE, OSCP, CISSP, Pentest+, Security+, SLAE, SLAE64
    Goals: OSEE
  • Mike7Mike7 Posts: 1,061Member ■■■■□□□□□□
    OffSec recommends that you do not. If you do, create a snapshot. See https://support.offensive-security.com/#!pwk-kali-vm.md

    You can always keep a backup copy of original VM on disk. 
  • FluffyBunnyFluffyBunny Junior Member CISSP, OSCP, CEH, RHCE, GCCC, Pentest+, PSM-1, alphabet soupPosts: 53Member ■■■□□□□□□□
    I used their provided VM (VMWare) and would only update individual things as absolutely required, taking a snapshot first.  
    Ditto, but only for the courseware! I recall that I wasn't able to do the Linux buffer overflow on the up-to-date Kali and that it really needed the tweaked OffSec-provided VM.

    For the labs I switched to an up-to-date "real" Kali, which I'm still using to date. 
    CISSP, OSCP, CEH, GCCC, RHCE, Pentest+, PSM-1, alphabet soup...

    2019: Renew RHCE (with EX407) , SANS SEC566 (GCCC)
Sign In or Register to comment.