OSCP - My Journey - si20 (Starts 22nd Sept)
Comments
-
MSP-IT Member Posts: 752 ■■■□□□□□□□Thanks for the updates.
Although it's not super encouraging to hear, it's nice seeing that I'm not the only one struggling with the material. -
KR34 Member Posts: 7 ■□□□□□□□□□si20 , the exam machines are easier then some machines in the lab , in 60 days i pop only around 15 box , i set for the exam and i was able to root 3 machines but i failed " 50 points only " ;( Then for 3 months i was focusing on my weakens " Exp Dev + Web App " online for free .. then i took 15 days believe me it was different i reached to Dev network only , and that 15 days was including one exam attempt again i failed because in the first 5 hours i root 2 machines then i took long rest like a **** " i hated my self that time" and i got 1 limited shell and my VM crashed . After 1 week again i took 15 days and i passed the exam i root 3 machines and 1 limited shell . after 6 month i took 15 days to sharp my rusty skills - am not enjoying the vulnhub.com or the boot 2 root cds ... the THINC.local is a real network , because am a system admin and till this time did not find any pen-test job ;( so this course is not only about get another certificate to add to your CV .
The exam machines are easy believe me just focus on privilege escalation exploits for both ( Windows & Linux ) . Improve you reporting skills also . Failing the exam is not the end of the world . Currently i am doing " WAPTx " from els , wish you all the best & if you need any help just PM me -
si20 Member Posts: 543 ■■■■■□□□□□That's quite encouraging to hear KR34. I'll certainly keep this thread updated right until the very end!
-
si20 Member Posts: 543 ■■■■■□□□□□Ok, so here's the latest. It's pretty much 4am at the time of writing. Been on the OSCP for around 12 hours today. Not popped anything but i've learned some stuff that ISN'T included with the course and it's those little things that make it worth it. I've set myself a target of popping 1 machine per day for the final 14 days of the course. If I could manage this, I think i'll feel much more ready for the exam at the end.
I'm going to be learning more in the coming days, so realistically I may not end up popping 14, but I should have some good knowledge even if I don't pop a machine. -
impelse Member Posts: 1,237 ■■■■□□□□□□Those machines that are coming will really make you a good pentest, they are the real ones.Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
It is your personal IPS to stop the attack. -
si20 Member Posts: 543 ■■■■■□□□□□Hey folks, just an update to say: I taken the OSCP exam two days ago. All I can say is that it was gruelling. I found it just as hard, if not harder than the labs. This may be due to the fact that you're given 5 machines to exploit within 24 hours. A long story short, I used 22 hours on the exam....yes, I was awake for around 25 hours overall. I managed to to root 3 boxes, get a limited shell on another and I didn't end up gaining any access to the last one - mainly due to lack of time left along with tiredness.
So with all that being said, i've submitted my report(s) and i'm waiting on a PASS/FAIL email. One thing I have noticed, is that my report, which I typed up yesterday - had a few typos in. This was due to me getting 40 minutes sleep in 36 hours. I really, really hope OffSec wont penalize me for them
Anyway, here's hoping it's a PASS. Then I can have a month or so out before I move onto a new course/cert. -
JoJoCal19 Mod Posts: 2,835 ModCongrats on finishing the exam si20. I hope you're able to get the pass! Would you mind doing a review, even if a mini one? I'm definitely doing the OSCP next year, I'm just trying to decide for sure if I want to pull the trigger on the PTPv3/eCPPT first or go straight to the OSCP.Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
impelse Member Posts: 1,237 ■■■■□□□□□□it is hard exam, I hope you get the pass, if not, you already know where to improve, you will nail it.Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
It is your personal IPS to stop the attack. -
si20 Member Posts: 543 ■■■■■□□□□□JoJoCal19 - I've just recieved an email to say I passed!! So yes, i'll definitely do a write-up on my blog tonight so you can get a feel for it. It might end up being quite a long review!
Thanks Impelse, your post of encouragement certainly helped big time in the last few weeks -
JoJoCal19 Mod Posts: 2,835 ModCongrats!!!! That's a huge accomplishment. Let us know how it affects your employment prospects. Does OffSec have the same recognition in the UK as it does over here in the US?Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
si20 Member Posts: 543 ■■■■■□□□□□Thanks guys I really appreciate it!
JoJo - I'm not 100% sure how the cert is recieved in the US, I'm guessing it's very well regarded?? In the UK, I definitely think it's becomming the one to have security-wise. I have met people with the CEH and they know alot of theory (which is great!) but they have no practical security skills. The OSCP combines a fair bit of theory with excessive amounts of practical work and i've seen quite a few IT Security jobs saying they prefer the candidate to have the OSCP.
I'm going to get to writing my review now, so i'll PM you the link to my blog so you can take a read once it's done -
[Deleted User] Senior Member Posts: 0 ■■■■□□□□□□Do you feel differently about the certification now that you've passed? I'd be interested in reading your review as well.
-
si20 Member Posts: 543 ■■■■■□□□□□Lmalachi, my blog can be found here. I feel like it was a great course. I think it covers a massive amount of material. I just wish I could have studied it over a 6 month period. Even though I passed, I feel like there is a ton of stuff I could still have learned if I could have more time in the labs. I also wish the study guide covered a few more things, but i'm going to put that in my feedback to OffSec. Hope the review is somewhat useful!
-
impelse Member Posts: 1,237 ■■■■□□□□□□CongratsStop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
It is your personal IPS to stop the attack. -
YFZblu Member Posts: 1,462 ■■■■■■■■□□Nice work!! I'm about to resurrect my OSCP thread, and get a 30-day extension.
-
JoJoCal19 Mod Posts: 2,835 ModLmalachi, my blog can be found here. I feel like it was a great course. I think it covers a massive amount of material. I just wish I could have studied it over a 6 month period. Even though I passed, I feel like there is a ton of stuff I could still have learned if I could have more time in the labs. I also wish the study guide covered a few more things, but i'm going to put that in my feedback to OffSec. Hope the review is somewhat useful!
The good thing is you have the course PDF so you can further study your weak areas and now with OffSec creating the new hacker playground, you can keep your skills sharp.Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
[Deleted User] Senior Member Posts: 0 ■■■■□□□□□□Thanks for the review! I'm not sure when/if this will ever make it to my radar. I don't know if I'll ever have the time to dedicate three or more hours a day on something like this. I would have to have a serious discussion with the wife before tackling this. I think I am a ways off from being prepared to even think about the exam though. The threads that have popped up in this forum have helped me greatly in determining where my skill level is and what I need to do in order to get to the next level.
-
H3||scr3am Member Posts: 564 ■■■■□□□□□□Congratulations on passing the OSCP I'm interested in it at some point, but not for a while yet I'm sure....
-
dookdook Member Posts: 17 ■□□□□□□□□□Si20...congrats on getting your OSCP!
I've been following a few peopls threads on here regarding the OSCP, and reading other peoples reviews. It's funny seeing how similar a lot of the advise people say on the reviews
I'm hoping to attempt the OSCP in 2015, and if i do, i'll start a similar thread on here.