OSCE - My journey to fight a dragon
BuzzSaw
Member Posts: 259 ■■■□□□□□□□
I have started my journey towards OSCE! Apparently one round of torture wasn't enough, so I'm back for round two.
OSCP was such an incredible journey. I have grown quite fond of Offensive Security Training!
This thread will serve as a way for me to keep track of my progress, and perhaps help some others that may be looking to follow this path as well.
Some background:
I am a systems engineer with 15+ plus years of technical experience.
I do some level of security in my day job, but I am not a red teamer by trade. I have a pretty solid grasp on techniques and methods. However, my exploit development game is basically non existent aside from what I had to do for my OSCP.
As for other certifications, I currently hold the OSCP, CEH, SSCP. I also just recently hacked my way to domain admin in the Pro lab offering from Hack the Box.
I feel like I have a pretty good working knowledge in this realm now. But one of by big glaring weaknesses is be ability to develop my own exploit code rather than work with pre-made exploit code.
Therefore -- Enter the OSCE
For those that don't know, the OSCE registration process is "safe guarded" by a hacking challenge. This challenge must be solved before you can even register for the course. I looked at this challenge during my OSCP studies, and I think I have a solution. However, the nature of this challenge is to ensure that people are not getting in over their heads. As such, I want to ensure I am not getting in over my head
So, my journey is starting with preparations. Today I have started by brushing up on my register knowledge, and have begun brushing up on my assembly knowledge.
Below are some great resources on the topic:
https://www.securitysift.com/windows-exploit-development-part-1-basics/
https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
Next up: SLAE
OSCP was such an incredible journey. I have grown quite fond of Offensive Security Training!
This thread will serve as a way for me to keep track of my progress, and perhaps help some others that may be looking to follow this path as well.
Some background:
I am a systems engineer with 15+ plus years of technical experience.
I do some level of security in my day job, but I am not a red teamer by trade. I have a pretty solid grasp on techniques and methods. However, my exploit development game is basically non existent aside from what I had to do for my OSCP.
As for other certifications, I currently hold the OSCP, CEH, SSCP. I also just recently hacked my way to domain admin in the Pro lab offering from Hack the Box.
I feel like I have a pretty good working knowledge in this realm now. But one of by big glaring weaknesses is be ability to develop my own exploit code rather than work with pre-made exploit code.
Therefore -- Enter the OSCE
For those that don't know, the OSCE registration process is "safe guarded" by a hacking challenge. This challenge must be solved before you can even register for the course. I looked at this challenge during my OSCP studies, and I think I have a solution. However, the nature of this challenge is to ensure that people are not getting in over their heads. As such, I want to ensure I am not getting in over my head
So, my journey is starting with preparations. Today I have started by brushing up on my register knowledge, and have begun brushing up on my assembly knowledge.
Below are some great resources on the topic:
https://www.securitysift.com/windows-exploit-development-part-1-basics/
https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
Next up: SLAE
Comments
-
datakan
Member Posts: 17 ■■□□□□□□□□
-
BuzzSaw
Member Posts: 259 ■■■□□□□□□□
I've actually had that bookmarked for some time. I have consulted his list quite a bit.
It's a great resource no doubt!
My update:
I have put the order in for SLAE and am waiting on materials to be delivered.
Over the last couple days, I have been going through this video series. If you follow it through from video 1, things do start to click!
https://www.youtube.com/watch?v=VQAKkuLL31g&list=PLetF-YjXm-sCH6FrTz4AQhfH6INDQvQSn -
BuzzSaw
Member Posts: 259 ■■■□□□□□□□
Update
I took the weekend off - I needed a break for a few reasons. But I am back at it today.
I'm through the first 7 lessons from Vivek. About to Go through all of the GDB course ware tonight \ tomorrow.
It's starting to click! -
TeKniques
Member Posts: 1,262 ■■■■□□□□□□
Good luck to you! The SLAE will prepare you well for the course.
