OSWP - the wee journey
_nessie_
Member Posts: 39 ■■■□□□□□□□
Hello all,
(no, I'm not Vivek
)
Attempted the OSWP exam yesterday and got the "you passed" message today.
As I did with previous certs and since I really appreciate the information that's around in this site, I feel like I should contribute (albeit not with self-written
)
Anyway,
after passing the eJPT a couple of months ago, I was looking into the wireless field of things.
Merely because I wanted to set up some demonstrations in one of the areas I'm responsible for at work: general cyber awareness. And on the other hand, I felt I was thrown back in time to the early 2000's, when I, together with a fellow student, tried to prove wireless networks were unsafe, following proofs of concepts and scare documentation. If I recall correctly, things didn't turn out the way we hoped it did. I know fully understand why
. Patching wireless drivers in order to get things to work .. pfiew, we did suffer ...
I looked up quite some information about the OSWP (Offensive Security) and the SWSE (SecurityTube) before diving into things.
People have to make choices and I eventually went for OSWP.
However, I need to admit that I first crunched through the freely available SWSE Megaprimer. That took quite some time, but then again, I'm commuting by train and thus could spend some time reading/viewing/listening (if I didn't fall asleep).
The reason for going the OSWP route, was merely the structure of the course.
Although I feel both cover equal material at an equal level of quality, the setup of the Wi-Fu fits more my liking: structure, structure, structure
But hey, that's my opinion.
That said, I took the road the first videos of Wi-Fu laid out for you: go through the theory in the book first and then come back.
I actually forgot that there were video's after a while and got through all the attack methods before I realised: hey, there are still some videos.
As such, I actually went another time through the course material, by following the videos and working in the labs a second time.
This actually was another plus IMVHO compared to Vivek's course: the way the labs were approached, were more natural .. probably because of the forementioned structure.
Either way, I had both references running at the same time, getting through the labs until I found myself confident enough, grabbing the most important key points in a mindmap and added more information as I felt the need to.
Found in the meanwhile another easy to follow reference Wi-Fu - Home and had the wikipages of the aircrack suite at hand.
There's more information available nowadays than back in 2002/2003, that's for sure.
After going through all the labs and tried all the setups I could think off (oh, and making quite some mistakes along the way), I felt I was ready and decided to go for the exam .. the day after
The funny thing is, I then started to go over the possible scenarios that would render the task difficult. That was probably due to the uncertainty of the layout of the exam/challenge itself.
Either way, I still had the time to test out one or two things I hadn't so far, and actually spend a bit more time on setting up rogue APs as I felt I didn't spend that much time on them.
I was eager to start the challenge and hoped I'd have enough time going through all of it.
I frequently made copies of what I was doing and had particular directories set up to store all of it.
Needless to say I was a bit, well, um .. really? after about an hour .. have I really finished it?
Proved I had and that I'd been well prepared.
Took the time for a run and started working on the report, which I finished after about 2-3 hours, haven't timed actually.
Still nervous to get the result and happy it turned out positive today .. yay
(no, I'm not Vivek
)Attempted the OSWP exam yesterday and got the "you passed" message today.
As I did with previous certs and since I really appreciate the information that's around in this site, I feel like I should contribute (albeit not with self-written
)Anyway,
after passing the eJPT a couple of months ago, I was looking into the wireless field of things.
Merely because I wanted to set up some demonstrations in one of the areas I'm responsible for at work: general cyber awareness. And on the other hand, I felt I was thrown back in time to the early 2000's, when I, together with a fellow student, tried to prove wireless networks were unsafe, following proofs of concepts and scare documentation. If I recall correctly, things didn't turn out the way we hoped it did. I know fully understand why
. Patching wireless drivers in order to get things to work .. pfiew, we did suffer ...I looked up quite some information about the OSWP (Offensive Security) and the SWSE (SecurityTube) before diving into things.
People have to make choices and I eventually went for OSWP.
However, I need to admit that I first crunched through the freely available SWSE Megaprimer. That took quite some time, but then again, I'm commuting by train and thus could spend some time reading/viewing/listening (if I didn't fall asleep).
The reason for going the OSWP route, was merely the structure of the course.
Although I feel both cover equal material at an equal level of quality, the setup of the Wi-Fu fits more my liking: structure, structure, structure
But hey, that's my opinion.That said, I took the road the first videos of Wi-Fu laid out for you: go through the theory in the book first and then come back.
I actually forgot that there were video's after a while and got through all the attack methods before I realised: hey, there are still some videos.
As such, I actually went another time through the course material, by following the videos and working in the labs a second time.
This actually was another plus IMVHO compared to Vivek's course: the way the labs were approached, were more natural .. probably because of the forementioned structure.
Either way, I had both references running at the same time, getting through the labs until I found myself confident enough, grabbing the most important key points in a mindmap and added more information as I felt the need to.
Found in the meanwhile another easy to follow reference Wi-Fu - Home and had the wikipages of the aircrack suite at hand.
There's more information available nowadays than back in 2002/2003, that's for sure.
After going through all the labs and tried all the setups I could think off (oh, and making quite some mistakes along the way), I felt I was ready and decided to go for the exam .. the day after
The funny thing is, I then started to go over the possible scenarios that would render the task difficult. That was probably due to the uncertainty of the layout of the exam/challenge itself.
Either way, I still had the time to test out one or two things I hadn't so far, and actually spend a bit more time on setting up rogue APs as I felt I didn't spend that much time on them.
I was eager to start the challenge and hoped I'd have enough time going through all of it.
I frequently made copies of what I was doing and had particular directories set up to store all of it.
Needless to say I was a bit, well, um .. really? after about an hour .. have I really finished it?
Proved I had and that I'd been well prepared.
Took the time for a run and started working on the report, which I finished after about 2-3 hours, haven't timed actually.
Still nervous to get the result and happy it turned out positive today .. yay