OSCP Experience Thread - MSP-IT
MSP-IT
Member Posts: 752 ■■■□□□□□□□
As I did with my SCPD certificate, this thread will outline my experience while I go through the certification program.
In my mind, I've made leaps and bounds in the security industry with very little experience. Having only been in IT less than 2 years, and information security even less than 1, I've completed my CCNA: Security, SSCP, and the CISSP exam to this point. Despite the fact that I have indeed worked pretty hard to complete the prior mentioned certifications, they haven't presented THAT much of a challenge. This is why I'm turning to the OSCP. I'm ready to try harder.
Despite its recognition and its ability to cushion a resume well, I'm primarily taking the OSCP in order to give me the pen-testing deep dive I've been preparing myself for through theory training. Starting with the OSCP, my rough plan is to work towards more of an exploitation role through the eCRE with eLearnSecurity and finally to the OSCE with Offensive Security. I believe this will give me the best "bang for the buck" when it comes to certifications. This is also the closest path to my current experience in security working in DevOps and automation.
For me, the challenge starts Aug. 16th and extends until my 90-day lab access ends.
Stay tuned.
Comments
-
Master Of Puppets Member Posts: 1,210
I'm definitely going to keep a close eye on this one. Best of luck throughout this, I'm sure you're going to have a great time and learn a lot.
Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.
-
MSP-IT Member Posts: 752 ■■■□□□□□□□
I honestly can't explain how excited I am. I was hoping to start today, but you have to schedule it at least 6 days in advance.
-
JoJoCal19 Mod Posts: 2,835 Mod
Good luck with your endeavor! Definitely keep this thread updated. I have this on my radar for next year.
Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
-
zxbane Member Posts: 740 ■■■■□□□□□□
Best of luck man, your determination is motivating! I'll be following to see how you handle it, I'm sure you'll learn a ton too.
-
SephStorm Member Posts: 1,731 ■■■■■■■□□□
I'm interested to hear about your research process for filling in the training gaps.
-
MSP-IT Member Posts: 752 ■■■□□□□□□□
I'm interested to hear about your research process for filling in the training gaps.
If you haven't read it before, take a look at g0tmi1k's OSCE review here, or OSCP here. At the bottom of the review, he has a reading list in preparation for the course; OSCE in this case.
Out of the books he recommended, I purchased:
Hacking: The Art of Exploitation - Jon Erickson
The Shellcoder's Handbook - Jack Koziol
Assembly Language Step-by-Step: Programming with Linux - Jeff Duntemann
And out of my own interest and what I believe I needed the most preparation on:
The Hacker Playbook: Practical Guide to Penetration Testing - Peter Kim
The Linux Bible - Christopher Negus
I was planning on taking the Linux+/LPIC before the OSCP, but decided I'd rather learn as I go. I've gotten a little bit of Linux hands-on through work over the past 3 months. Hopefully it will be enough to start the course. If not, I'd like to think I pick up things quickly.
-
the_Grinch Member Posts: 4,165 ■■■■■■■■■■
I often thought about taking a linux cert prior to the OSCP and honestly it seemed like it wouldn't make too huge of a difference. Good luck and look forward to seeing your review!
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff
-
Killj0y Member Posts: 39 ■■□□□□□□□□
Good luck on the offsec courses. I recently got the Hacker Playbook and I am enjoying it. Nice read. Another good one would be the Red Team Field Manual. I just wish it came in a Kindle version.
Certifications: GPEN, SMFE, CISSP, OSCE, OSCP, OSWP, Security+, CEHv6, MCSE+Sec:2003
-
Danielm7 Member Posts: 2,310 ■■■■■■■■□□
Good luck! I've been emailing the people at OS myself about taking the course. I've been trying to get into infosec, have a few certs but not nearly enough hands on, it seems like this one would make a world of difference.
-
MrAgent Member Posts: 1,310 ■■■■■■■■□□
I think I am going to make the plunge and fork over the money for this soon. I'm going on vacation next week, so I'll probably start it after that. Although grad school starts up next week again too. Decisions...
Good luck on this. I will be following this thread.
-
NovaHax Member Posts: 502 ■■■■□□□□□□
Nah man...get started while you're on vacation. If you're taking OSCP...it's time to start getting used to ignoring the family
-
MSP-IT Member Posts: 752 ■■■□□□□□□□
So it turns out I selected the wrong timezone and it came 2 hours late right when I was getting to bed.
I am having a bit of trouble this morning though. I'm working through the exercises and supposed to be using my supplied Windows machine on their network, but their revert/reset commands aren't working so I can't hit my machine. I was hoping to get some work done today, but the Admins in the IRC channel said it may take a while. It's a bit disappointing that I can't do much on my first day.
-
YFZblu Member Posts: 1,462 ■■■■■■■■□□
I'm a little confused - The Windows 7 client you should be using is Offsec's Windows 7 lab machine. Not your own local Windows box. Am I misunderstanding your post? Using the word 'local' makes me think you're attempting to utilize your own Windows machine in their environment.
-
NovaHax Member Posts: 502 ■■■■□□□□□□
Yeah...sounds that way to me too. They should have given you an IP to a dedicated Windows box in their lab
-
ramrunner800 Member Posts: 238
I'm in the labs for it right now too, after taking some time out for CEH. Good luck, have fun, and be prepared for the challenge. If you wanna talk about the course, don't be afraid to give a shout in a PM.
Currently Studying For: GXPN
-
MSP-IT Member Posts: 752 ■■■□□□□□□□
I'm a little confused - The Windows 7 client you should be using is Offsec's Windows 7 lab machine. Not your own local Windows box. Am I misunderstanding your post? Using the word 'local' makes me think you're attempting to utilize your own Windows machine in their environment.
Yeah my phrasing on that is off. When I said local, I meant local to their network, not mine. Either way, the issue was ironed out late last night and I got through about an hour of videos.
The first few sections are pretty interesting, although a little dry. I was a tad surprised at OffSec when I hit a little bump in the introductory lessons though. You can definitely tell they're wanting to prepare you to start thinking for yourself early on.
I think the biggest issue I'm going to have is memorizing switch values. I'd like to think I'm good at understanding theory, which makes a lot of IT work easier, but I doubt my ability when it comes to remembering specific values. I've never been good with rote memory.
-
JoJoCal19 Mod Posts: 2,835 Mod
I think the biggest issue I'm going to have is memorizing switch values. I'd like to think I'm good at understanding theory, which makes a lot of IT work easier, but I doubt my ability when it comes to remembering specific values. I've never been good with rote memory.
That's my weakness as well, and what I've had difficulty with when looking at and studying technical security topics. That's why I've done so well in the GRC side of things. However OSCP is a practical cert and you can certainly make notes of things like that to have handy when doing the exam. I have always wondered in the real world just how much stuff pentesters know off the top of their head (100s of tools and many switches and functions per tool!) and how much they need to look things up or reference a **** sheet.
-
MSP-IT Member Posts: 752 ■■■□□□□□□□
That's my weakness as well, and what I've had difficulty with when looking at and studying technical security topics. That's why I've done so well in the GRC side of things. However OSCP is a practical cert and you can certainly make notes of things like that to have handy when doing the exam. I have always wondered in the real world just how much stuff pentesters know off the top of their head (100s of tools and many switches and functions per tool!) and how much they need to look things up or reference a **** sheet.
I've heard that the RTFM is supposed to help with that. I'm expecting it in the mail later today.
-
Meanand Member Posts: 40 ■■□□□□□□□□
All the best. And your postings will motivate and help others like me also.
-
YFZblu Member Posts: 1,462 ■■■■■■■■□□
Meh I wouldn't worry too much. The stuff you use the most will be committed to memory naturally - For the rest, we have the pages
-
MrAgent Member Posts: 1,310 ■■■■■■■■□□
Some recommended reading... The Hacker Playbook. I just got my copy today, and read the section on using powershell. I would not have even thought of using it during an attack. So yeah... worth reading and may help you during your OSCP studies.
I'll be signing up for the OSCP next weekend and I think this book will certainly help.
-
NovaHax Member Posts: 502 ■■■■□□□□□□
Saw somebody reading that book on the way back from DEFCON. I was wondering about it, but decided not to ask the guy about it...as I was totally burned out on being sociable with strangers (certainly not my natural state) after a whole week of doing it.
@Jojo and MSP-IT:
Like YFZblu said...the memorization of the tools you use consistently will come naturally. But any time you have a question, during the course or test...nearly all of your major tools will have a help switch. Usually -h or --help. If that lacks the details you need...roll through the man page. Or pull up google. The OSCP challenge is just as much about being resourceful and being able to find answers as it is about knowledge you already have.
-
MSP-IT Member Posts: 752 ■■■□□□□□□□
I went through the majority of The Hacker Playbook last week, prior to starting the OSCP. It was a great reference and well written. So far, there is almost no overlap in tool recommendations between OSCP and THP. THP has gone over some tools that I'll most likely add to my arsenal alongside those covered in the OSCP material.
As far as the course goes, the amount of material is quite surprising. I didn't realize that there was that much to work with. I'd say I'm relatively 20-35% of the way through the videos, and 20% of the way through the PDF (printed/bound a copy). Kim mentioned a quote that I believe will be valuable in approaching the exam.
Give me six hours to chop down a tree and I will spend the first four sharpening the axe.
- Abraham Lincoln
I plan on working through both the PDF and videos a few times before I even start attempting the machines in the lab. I'd like to become pretty comfortable at the command line before I get my hands dirty.
-
YFZblu Member Posts: 1,462 ■■■■■■■■□□
As far as the course goes, the amount of material is quite surprising. I didn't realize that there was that much to work with.
Agreed. There is a lot to cover, the course is quite broad for only 360 pages. During some down time at work the other day, I took a peek at the two-page OSCE course syllabus and thought it hadn't downloaded fully. Turns out, OSCE covers far fewer topics, just at a much deeper level.
-
philz1982 Member Posts: 978
I'm gonna be taking my OSCP at the end of next summer after I finish my Adv Network/Web hacking classes at DSU. Let me know how the OSCP compares to the graduate classes you're taking/taken.
-Phil
Read my blog @ www.buildingautomationmonthly.com
Connect with me on LinkedIn @ https://www.linkedin.com/in/phillipzito
-
MSP-IT Member Posts: 752 ■■■□□□□□□□
Just got back from a vacation in the Caribbean. I was hoping to get a bit done there, but the ocean and sun took hold and wouldn't let go. Hoping to get quite a bit done this week.
-
MSP-IT Member Posts: 752 ■■■□□□□□□□
I'm not but 2 and a half weeks in and I'm already a bit discouraged. The material isn't overly hard, but it is rough to digest. With the SSCP, CISSP and even the Stanford cert, I felt as though I had enough mental capacity to dive in when I returned home from work every day, but that's not the case with PWK. The depth of the material and the curveballs that are thrown, you really need to be attentive and at the peak of your day's mental capacity to feel comfortable enough to absorb most of the information, and that's almost never the case for me after noon.
I was also able to study while at work during the other certificates, but my work environment keeps me from being comfortable from even attempting to SSH out of the network to my lab machine, as this course doesn't fall under my line of work. That being said, I'll have to dedicate my weekends and days that I work from home to the course labs, thus keeping my pace quite a bit slower.
-
NovaHax Member Posts: 502 ■■■■□□□□□□
I'm gonna be taking my OSCP at the end of next summer after I finish my Adv Network/Web hacking classes at DSU. Let me know how the OSCP compares to the graduate classes you're taking/taken.
-Phil
No comparison man. I'm currently doing my Masters in InfoSec at Strayer University, and while there are lab activities in most of my PenTesting courses, they mostly consist of following very explicit instructions (type this, click that, etc...). OffSec is gonna make you figure it out yourself. Some university programs may be different...and your mileage may vary, but I have yet to take a course at any university that even comes close to the difficulty of or quality of knowledge acquired by the PWB/PWK course.