Attention Pentesters - CompTIA & Immersive Labs
Go sign up to test your skills for free...you only have about 20 or so days to get through all the material & it is A LOT of labbin!
https://immersivelabs.com/comptia-competition
Go check it, cheers & Hi5!
https://immersivelabs.com/comptia-competition
Go check it, cheers & Hi5!
CompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC
Tagged:
Comments
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
Security+, eJPT, CySA+, PenTest+,
Cisco CyberOps, GCIH, VHL,
In progress: OSCP
- Changing focus before typing takes time. The labs have no problem reacting to mouse-clicks, but after changing focus to a Terminal it can take a few seconds before I can type.
- If you're wondering which IP is supposed to be your target: ImmersiveLabs provide that information through the menu-bar at the top. For example, for the DNS labs, hover the word "DNS".
As prep for CompTIA Pentest+ these labs are pretty darn good. When we discussed the cert a few months back I'd already concluded that you need some pentesting experience to answer the questions; these labs solidify that opinion.EDIT:
Gah, that DLL hijacking is doing me in! I just don't speak enough C# to quickly hack together what I need.
EDIT:
Guaaraghgh! That focus-not-typing issue with the labs is really, really ticking me off.
EDIT:
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
ImmersiveLabs support suggested that I take the "Welcome to ImmersiveLabs" lab, which did in fact point out that the menubar will often include multiple VMs.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
I'll take "Things that make me go NOPE" for $100, Alex.
I played around with the labs last night for a few hours. For some reason I couldn't stop playing around with the labs, I was learning alot.
--Alexander Graham Bell,
American inventor
In cases like these, consider:
* Would it be best to use a complex, or a simple payload?
* Which port on your Kali box should you be pointing the payload at?
* Should you choose a staged or an unstaged payload?
* When generating the payload, are there things you need to be wary of? (Hint: yes there are)
UPDATE: If anyone has completed the PHP: A1 injection or the CREST SNMP lab plz PM me so that I can figure out why these two labs will nto work for me.
EDIT:
HINT: If you do it right, you'll know before the Windows box logs in.
I might be too left brained to easily learn how to do pentesting.
'My dear you are ugly, but tomorrow I shall be sober and you will still be ugly' Winston Churchil
Just give it time and remember Google is always your friend in this stuff. Also, the INFO section and the questions are huge hints to the objectives and where to go. I'm by no means good at pen testing, but after staring and googling, I was able to figure most stuff out.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
'My dear you are ugly, but tomorrow I shall be sober and you will still be ugly' Winston Churchil
Funnily enough, I used Hydra for all four.