OSCP 06-02-2018 Accountability Thread

TL;DR: I signed up for 60 days (projected to go 90) of lab for the OSCP starting June 2nd. This will be my journal/thread from that day forward.

I was a little reluctant to record this, because whether one or several hold me accountable; someone is. This is to get me to put the games down for a few months, and put the Friday work week finale's on hold. This is what I feel is necessary.

Background: I'm a skiddie at best. I do not have any professional experience in Penetration Testing/Red Team. I've read many books, from Georgia's Penetration Testing book. David Kennedy's Metasploit book. Parts of Gray Hat Hacking, Art of Exploitation, Violent Python, and I've done a few udemy courses for fun. I just received the new Hacker's Playbook.

Strengths: I enjoy this. I spend nights playing with vulnhub for fun. Most of the vulnhubs I've done, I used metasploit and msfvenom. (Mind you this was just because I was trying to learn metasploit). I completed eJPT relatively quickly (I know not even comparable). I understand networking and is my full time job.
I have an entire workspace (converted the dining room) in my home with two 32-inch monitors with dry erase board. May go 3 monitors. Depends. This will be command and control. Lots of desk space.

Dev skills are mediocre at best. I can read and understand and modify programs and scripts, but writing it from scratch is a whole different ball game. Python and Bash are the only two that I am relatively competent in comparison to the others. I could never get a job as dev.

Opportunities: None. This is just for fun. I'm Pvt. Joker in the rear with the gear in FMJ wanting to experience "the suck" that everyone talks about. I want that "stare." There is no financial gain or bragging rights because nobody in my workspace or friends circle know wtf offensive sec is.

Threats: Time. External Influences. Friends and coworkers won't understand the purpose and I don't have the patience or time to explain. They will attempt to drag me out of my cave. They will bother me for the next 90 days to go out to eat. Drinks. Play some PUBG or State of Decay 2. GF will do the same, but I told her to put her feelings in autonomous mode because she will become irrelevant most of the week. ( relax, i'm being facetious).

Sat June 2nd is D-DAY. Just as it's been said many times before. Print and read the PDF > Complete the exercises > Hit the labs>Test.

Work M-F 630-3pm: (I can make time to read). Problem with my work environment is it goes 0-100 real quick so it can be difficult to get some time to read. This is time I wont be able to do any labbing or exercising. Just reading. I may bring a laptop on the days I decide to stay after work and sneak a few labs in, but I can't count on it because despite my private network, it doesn't look good to have Kali Linux with text streaming down the screen in a secured environment. Then again, I doubt anyone would know what I'm doing and I could just say i'm "programming" before the curious scurry's off.

Off-time M-F 4pm-9pm: This is when I can complete exercises and labs. I will sneak my daily 12-15 minute catnap to stay refreshed. I imagine my coffee maker will go kaput sometime around here in this window.

Sat - Sun: These will be my sprint periods. 9am - 9pm. With 1-hour lunches and maybe a 15min snooze somewhere in there. Saturday's can go into over-time beyond 9pm. Crash modes incase I fall behind. (I will.)

Month 1: I want to be completely done with the PDF and Exercises. I will cross out the syllabus as I go. I want to make sure I have a solid understanding of this "method" everyone speaks of.

Month 2: Labs Labs Labs! July 31st, I want to be complete with the Labs!

Month 3.
Overtime. I know the Threats are stronger than I make them out to be. I know I will get burned out and will need a day break or so. Going to the bar and gassing up with the friends maybe. Hell, I may even cut those evening breaks short just to come back home and attempt the impasses in a more relaxed state.
I want to complete all the labs. I already have a large white sheet of paper pulled out where I will mark everything based on what I believe the difficulty is. HVT's will be the hardest ones. They will be the Aces. That way, if they turn out to be easy, it will surprise me. I will put them in order based on names and enumeration.
If I feel comfortable by day 90, based on what I have read, I will schedule the exam. I don't see this being the case, but I don't really know what I am in for either. I am open to a Month 4.

Who Should Follow:
n00bs, nubs, noobs, newbies, newbs, skiddies. In regards to pentesting, I'm a noob.

I will try to update daily. No promises. But I want to so I can stay accountable and of course use it to reread one day. I may look at official updates weekly with the occasional daily vents.

Footnotes: Maybe I'm overthinking this. I don't know. I'm not an optimistic person so this could just be my natural thinking habits. My chances of success, I believe, without knowing anything is 80%. This is an optimistic outlook, but I believe I should say 100%, but I can't. There is a chance I will fail, and when I say fail, I mean quit. Why? No idea. I'm just being pessimistic.

See you June 2nd!
Current: OSCP

Next: CCNP (R&S and Sec)

Follow my OSCP Thread!


Sign In or Register to comment.