OSCP--Jumping in the ocean without knowing how to swim (#Ain't_Never_Scared)

Blucodex

Can we get an update from the OP?

PC509

How much Linux knowledge is needed? A decent foundation, or expert level? I'm far from an expert, but I have probably Linux+ knowledge (foundation level knowledge).

Update, OP! Sounds like you're kicking ass!

JasminLandry

PC509 wrote: »

How much Linux knowledge is needed? A decent foundation, or expert level? I'm far from an expert, but I have probably Linux+ knowledge (foundation level knowledge).

Thats should be enough. You don't need to be an expert to do the OSCP.

22306

you dont have to be an expert on using linux at all. i have been hacking away for about 30 days and everything is going as expected. learned couple new tricks and whats helping the must are the people from the discord chat.

Shane2

Is the discord chat private?

I don't plan on taking the OSCP until way later this year, but I would love to lurk a bit.

jtoca

Nice! Keep up the good work OP, this is motivation.

CJWelch89

22306 can I ask what professional experience you had prior to starting this course and also what certifications you possessed?

I only have the A+, N+ & S+ with about a year exp in each 1st line (pw resets, installs, basic troubleshooting), 2nd line (tech support, patching, desk-side, more complex installs) and 3rd line (app support/sys admin/edi) so would like to gauge how ready I am if I were to jump into this. I'm also about to enrol on the eJPT of which I am led to believe will help should I wish to start the PWK course and challenge the OSCP...

Many thanks,

TreySong

tcundiff wrote: »

Hey 22306,

I just enrolled in PWK myself 90 days will be starting 4 Mar, the book by Georgia Weidman is a very good resource for preparation I am using it, I don't have any experience in Pen-testing but I figured I could at least "Try Harder" and get the PWK course and OSCP Cert done. I am also in the NOVA area 22314 if you wanted to collaborate on getting it done let me know. Good luck

Thanks for this. I am starting OSCP next weekend and I have just ordered the Georgia Weidman book. Let's hope it will be useful.

TreySong

Ignacio2019 wrote: »

I like this thread, 22306, and your posts so far. Please keep it up. I am starting PWK this Saturday April 1 and hopefully I'll have the last laugh.

How are you getting on? I am starting next weekend.

Ignacio2019

Hi TreySong,

On the 1st, I made a schedule that would take me through the course material and exercises - plus doing some Vulnhub walkthroughs - and finish today. I am about 3 days behind schedule, but I completed 11 Vulnhub walkthroughs in that time and hope that will come in handy.

I am itching to get to the machines in the lab - I will start in 2 days no matter what - but I am not a pentester by trade, and I am a methodical type of learner, so I wanted to go through all of the course materials and do the lab exercises. Plus, I have some security certifications to maintain for year 2017, and completing the lab stuff will get me a chunk of CPEs (e.g. 40 for my CISSP).

So far, it's been amazing. I haven't used the term "drinking from a fire hose" in a long time, and it reminds me of diving into infosec back in 2004 when I moved from software development, got my CISSP, and immediately landed in a 40 hr per week infosec gig.

I am averaging 6 hrs per day since April 1. For new areas for me like using exploits and modifying them, I am taking the time to explore it fairly deep and not blow by it, and I have external references that I am also using.

TreySong

Ignacio2019 wrote: »

Hi TreySong,

On the 1st, I made a schedule that would take me through the course material and exercises - plus doing some Vulnhub walkthroughs - and finish today. I am about 3 days behind schedule, but I completed 11 Vulnhub walkthroughs in that time and hope that will come in handy.

I am itching to get to the machines in the lab - I will start in 2 days no matter what - but I am not a pentester by trade, and I am a methodical type of learner, so I wanted to go through all of the course materials and do the lab exercises. Plus, I have some security certifications to maintain for year 2017, and completing the lab stuff will get me a chunk of CPEs (e.g. 40 for my CISSP).

So far, it's been amazing. I haven't used the term "drinking from a fire hose" in a long time, and it reminds me of diving into infosec back in 2004 when I moved from software development, got my CISSP, and immediately landed in a 40 hr per week infosec gig.

I am averaging 6 hrs per day since April 1. For new areas for me like using exploits and modifying them, I am taking the time to explore it fairly deep and not blow by it, and I have external references that I am also using.

Wow! Both of us have the same learning and study pattern. I started last Sunday but I only just got fully set up about an hour ago. I will do a schedule and follow through accordingly. I've always believed that if you take time and understand the principles and how something work, you will be successful eventually. I'll provide an update whenever I feel it worthwhile.
I am simply looking forward to enjoying this.
Thanks for sharing.

Moldygr33nb3an

I subbed for future updates from OP.

22306

recently compromised "PAIN" and it wasnt that hard at all. i know i am not the best at this and just started learning it but pain wasn't that hard. i think the reason why some people find pain semi hard is because some changes that you have to do. (don't want to say more..Avoiding spoilers)

BuzzSaw

22306 wrote: »

recently compromised "PAIN" and it wasnt that hard at all. i know i am not the best at this and just started learning it but pain wasn't that hard. i think the reason why some people find pain semi hard is because some changes that you have to do. (don't want to say more..Avoiding spoilers)

Boss mode boss

Dr. Fluxx

Trey,

Is the CISSP much less difficult than the OSCP from your perspective?
Im going for the OSPC first, but for strictly CISSP stuff, its all about HR requirements to get noticed on my resume. I really dont want it but it seems like alot of (DoD) entities require it.

And as of note, in my pre studies for the exam, i am also very methodical when it comes to this so im pretty hyped about seeing others that are the same.

scasc

Its all about what you want to get out of your career - where you want to head. You can debate that CISSP/OSCP are polar opposites and one does not necessarily impact the other. For example I have CISSP and I work as a Senior Manager/VP in Cyber but have never needed OSCP (though have CEH for understanding the concepts). In regard to studying for CISSP - its theory based so a lot of reading and understanding concepts across the security domains whereas the OSCP (from what I have heard) is hardcore practical playing and manipulation of tools/exploits/gaining root to servers/further research to understand target etc. From my perspective the former is most likely easier. All depends on your strengths/career aspirations . Best of luck going forward.

Another thing you may notice is that jobs that ask for CISSP do not necessarily ask for OSCP and vice versa. This should tell you something.

LonerVamp

The above post is pretty much the answer. As to which is harder, that's going to be depend, since they're very different courses. CISSP covers a broad range of security concepts, but still manages to get into the weeds pretty deep at times (it often feels like security trivia). But OSCP puts your finders on the keyboard and you manually attack Windows and Linux systems. I think most would tend to find CISSP easier.

Dr. Fluxx

Thanks for the responses!

Blucodex

Dr. Fluxx wrote: »

Trey,

Is the CISSP much less difficult than the OSCP from your perspective?
Im going for the OSPC first, but for strictly CISSP stuff, its all about HR requirements to get noticed on my resume. I really dont want it but it seems like alot of (DoD) entities require it.

And as of note, in my pre studies for the exam, i am also very methodical when it comes to this so im pretty hyped about seeing others that are the same.

CISSP is a cakewalk. It's just common sense and memory. OSCP requires hands on which comes with experience.

fabostrong

OP, I hope the journey is going well. Give us an update when you can.

lynad

Hi OP, can you add me to the discord channel lynadadebayo on gmail, thanks

materwelon

in for updates

LonerVamp

Update! Update! Update!

JoJoCal19

Well, I guess jumping in the ocean without knowing how to swim must have got the best of him lol

OP, hope it's going well and definitely would love an update.

Dr. Fluxx

lol I know huh!
I thought he was insane for doing that...im SILL doing a bit of pre-study before I go to the torture chamber.

chrisone

JoJoCal19 wrote: »

Well, I guess jumping in the ocean without knowing how to swim must have got the best of him lol

Brutal man brutal!

teawreckz

In for updates...if you haven't drowned yet, OP. LOL.

Pretty gutsy move.

Dr. Fluxx

The Titanic....

palevelmode

its already August, guess OP already drowned.

ITSpectre

22306 wrote: »

What did i do for prep? NOTHING

Way to go in head first.... I want to see updates as I am studying for the OSCP as well....