Hey everyone! As of last night I have completed my registration and payment for the OSCP. I signed up for up the 90 day lab package to make sure that I get the most out of the labs before I sign up for the exam. In the following paragraph I wil give you guys a bit of background information about myself so that those of you thinking about signing up can get an idea of what my experience is and hopefully it gives you the confidence to sign up as well!
I have a bachelors of science in Information Technology, I learned a little bit in college but not as much as I could have because at the time I was in a pretty active band and we were playing shows all the time and that was my main focus. When I graduated I found it very hard for me to find a job (probably because I didnt take my college seriously until the end) in the area where I live. Luckily, one of my best friends(who is much older than me) is the CIO of a company in a town near where I live. He was kind enough to allow me to come and sit in his office and give me tasks to do and watch him do some things so that I could get some experience(an unpaid internship). Fast forward 8 months and I finally landed a job for a company working at the local hospital as a tier 2 service tech and rollout technician. Basically me and one other guy where responsible for the hardware on every single machine the hospital owned(the number was over 2000). We also ended up doing software and application support eventually due to our company willing to do anything and everything the hospital asked of them. Fast forward 8 more months, after talking to a contracting company I was told that if I could obtain my Security+, that I would have a job. I spent the next month studying my ass off, because at this point I hated my current job and wanted to leave as soon as I could(I can provide more details on this if you wish to know). After a month of studying I went and took my test and passed. I landed a job as a Remediation Analyst for a DoD/Navy contracting company. I knew basically nothing about what I would be doing when I started, I was told that I would be provided training on my first day of work. The training never happened, half way through my first day I was thrown to the wolves. I was assigned to work on a huge project that needed to be completed ASAP but yet I knew nothing about what I was supposed to be doing and I started to panic. To my relief upon expressing my concern to my team lead I was told not to worry and that I would sit with 2 other analysts and watch them perform the scanning, patching and STIGing of a machine and then I would get the chance to work on my own. This turned out to be one of the best experiences of my life because this trial by fire helped me become one of the best Remediation Analysts here. If you needed help with anything, problems with scans, patches not applying, STIGS or troubleshooting, I was your guy. A few months after the project was over things kinda went into auto-pilot mode and time was flying by and I became bored. So I decided it was time for me to move up. I talked to upper management and I was told there were positions but the one I wanted required the CASP. So I proceeded to spend the next 3 months studying my ass off abnd passed the CASP. I went back to management and after a few months of waiting I was finally given an Authorization and Acreditation Analayst job and that is still my current job.
Now that you guys know my work background I'll list a little bit of my skills and proficiency level:
Linux: Basic - intermediate
Windows: Advanced
Networking: Intermediate
Python: Basic
Bash: Basic
Assembly: Barely even basic
Shellcode: Almost none
Web Hacking: Basic
Wi-Fi Hacking: Intermediate
My goal is to root ALL lab machines before siging up for the exam. If I am unable to root all of the lab machines before my time runs out, I will purchase additional lab time.
My start date is Decemeber 25th(Merry Christmas to me!
).
While I am waiting for my course to start I am trying to pick up as much knowledge as I can through reading and crawling through forums.
List of current studies:
Learn Ethical Hacking from Scratch (Udemy course)
Advanced Penetration Testing and the accompanying book (Cybrary course)
Hacking: The Art Of Exploitation 2nd edition
I will do my best to fully document my journey into the depths of the offsec labs. Not gona lie, I am getting a bit nervous about the course but I keep telling myself that I can and will do this(just like I did when I was studying for the CASP).
I hope that was enough info for you guys for now!
