Cracking the Perimeter: Journey to the OSCE

MooseboostMooseboost Member Posts: 778 ■■■■□□□□□□
Finishing up my OSCP left me wondering what my next step should be. My initial thoughts were to focus on web applications and get into bug bounties. The more I thought about it, the more I kept circling back to what I wanted for the longest time: Reversing applications and finding vulnerabilities, then building custom exploits. That was one of the primary reasons being a software engineer was my dream as a kid. I wanted to learn about things worked at the base level and figure out how to break them. Writing the buffer overflow in the OSCP reminded me of the dream.

The OSCE seems to be a mountain of a challenge. I have minimal coding experience and no dev experience. I don't know C code and I don't know ASM. I messed with Java and C++ many moons ago. I haven't touched either since I was 14 and a curious lad in my AP Programming class. Looking back I regret not going down the path I wanted so bad. Life happened and now I am ready to grab that passion again and drive on. I've developed a rough plan that I think will help me prepare for the course. There isn't really a set timeline like there was with the OSCP. I'm looking to take my time and really understand things. There are a lot of gaps that will need to be filled. I don't want to *just* pass the course. I want to fully understand what it is that I am doing.

The outline:

- SLAE course, 32bit and 64bit. The OSCE is 64bit, but again my goal isn't to just do what I need to pass.
- Corelan, Securityshift, and FuzzySecurity exploit writing tutorials.
- Reverse Engineering / Exploit challenges.
- Finding vulnerabilities on Exploit-DB and trying to recreate them on my own.
- Finding older software and trying to find 0day / new vulnerabilities.

I've already purchased the SLAE courses. Tulpa Securitys OSCE review had a discount link that netted me both versions of the course for $199. That was too good of a deal to pass up! I won't be diving hard-core into the course every day all day like I was with the OSCP. The OSCP was for my career and had a hard-set timer on it. The OSCE is for me, so I want to take my time and enjoy the process of getting to where I need to be. If it takes me a year, then it takes me a year.

Here we go!


  • Options
    ottucsakottucsak Member Posts: 146 ■■■■□□□□□□
    Awesome, keep us updated. Would love to hear more about how it is compared to the OSCP.
  • Options
    meni0nmeni0n Member Posts: 68 ■■■□□□□□□□
    I was looking into OSCE as well and like you have very limited programming experience. Is the SLAE you got the same course as pentester academy? My main goal right now is do a few courses off that site especially the SLAE and then try the CTP course.
  • Options
    JoJoCal19JoJoCal19 Mod Posts: 2,835 Mod
    Awesome Mooseboost! Sub’d and will be following your progress. It is much more enjoyable when you can take your time rather than having to stay on a strict timeline.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • Options
    gespensterngespenstern Member Posts: 1,243 ■■■■■■■■□□
    Check out a free popular course called "modern binary exploitation":

    Modern Binary Exploitation - Spring 2015

    They teach the basics on various hacker conferences, but of course it's just too much material for a single conference session.

    PS Also SANS FOR610/GREM exam is an obvious suggestion if your employer is willing to pay. Awesome course.
  • Options
    securitychopssecuritychops Member Posts: 52 ■■■□□□□□□□
    After finishing the OSCP I also found myself eyeing the OSCE. I also ran across a handful of blog posts pointing me to the SLAE and am just finishing it up and only have positive things to say about it.

    I learned a ton and I really enjoyed the self paced format as well as the final exams format of requiring blog/github posting.

    I found by forcing a written explanation it caused me to end up spending a lot more time doing the needed research to have a much better understanding as to why something was happening and not just that something happened!

    Scheduling is my biggest issue right now for starting the OSCE, but I can definitely say that after completing the SLAE coursework and final exam I was able to get through the two step challenge for registration for the OSCE in about five minutes, so for me it was time well spent as I will be ready to register in a month or so one I get some free time!

    Have fun and enjoy the course, it was super fun! :)
    Current Certs   : OSCE, OSCP, CISSP, Pentest+, Security+, SLAE, SLAE64
    Goals for 2019 : OSEE
    Goals for 2020 : OSWE
  • Options
    chrisonechrisone Member Posts: 2,278 ■■■■■■■■■□
    Excellent choice! I am right behind you bud! Looking to do the CTP OSCE journey sometime in october. I figured, jumping straight into OSCE is the best thing to do. If its a goal and a dream why wait?

    I have the same resources as you, but I am also going to go over the Practical Malware Analysis book and the unicorn tutorials.

    - SLAE course, 32bit and 64bit.
    - Corelan, Securityshift, and FuzzySecurity exploit writing tutorials.
    - Unicorn Malware 101 and 102 courses
    - Practical Malware Analysis
    - IDA Pro 2nd Edition. (Not sure if needed though)
    - Practical Reverse Engineering (Perhaps not needed but its extra material/resource)

    Very exciting to start a new journey! Goodluck!
    Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
    2023 Cert Goals: SC-100, eCPTX
  • Options
    MooseboostMooseboost Member Posts: 778 ■■■■□□□□□□
    Yeah, the same SLAE course as the one from Pentester Academy. I wanted to do the course instead of just the videos because I wanted the exercises / exam. JollyFrog gave it a high recommendation and we all know JollyFrog was a beast on both the OSCP and OSCE so I take his advice to heart.

    Thanks for the link to the course! I'll definitely check it out. Always up for new / additional material!

    @ Chris - I'll actually be reading Practical Malware Analysis, for a different reason though. Malware analysis is a component of my new job - so it will come in handy. I haven't seen Practical Reverse Engineering but I will be grabbing a copy of that! I think malware analysis / reversing goes hand-in-hand with appsec. At the end of the day its taking something apart and figuring out how it ticks.
  • Options
    ottucsakottucsak Member Posts: 146 ■■■■□□□□□□
    Any updates on your progress? icon_thumright.gif
  • Options
    MooseboostMooseboost Member Posts: 778 ■■■■□□□□□□
    Not too much to update currently. Was in FL for a week training for work and have been spending most of my time adjusting to working from home/new job. I started the SLAE course but have not gone too far. Spending a little bit of time learning some German - new company seems to appreciate bilingual and they mentioned German was one of the ones they were looking for most.

    Hoping to pick it up more next week and really start focusing on the 32-bit SLAE course.
Sign In or Register to comment.