Virtual Hacking Labs after OSCP
securityorc
Member Posts: 58 ■■■□□□□□□□
I've finished the year with a bang and got my OSCP. After thoroughly enjoying the labs, I've been wondering if I could gain more by continuing with https://www.virtualhackinglabs.com/ - all the reviews are positive, but people have mostly used it as preparation for OSCP. I'm not sure where it ranks in terms of difficulty and variety, I'm looking for some added value out of it, so wouldn't want it to be easier compared with the PWK labs. Anyone that has experience with it and can shed some light if it's suitable for after OSCP?
Comments
-
N7Valiant Member Posts: 363 ■■■■□□□□□□Meh, hard to say unless you've done both labs and OSCP to rate relative difficulty. I just did 20 boxes on VHL and got their basic certificate, which I doubt is recognized by anyone in the world. If I had to guess based on what's been recommended, Beginner box = 10 point machine, Advanced = 20 point machine, and Advanced+ = 25 point machine.
Wouldn't know how that translates across the PWK lab since I don't start until next week.
I don't know if there's a point to it after OSCP though. I'd rather just continue with active HTB boxes.OSCP
MCSE: Core Infrastructure
MCSA: Windows Server 2016
CompTIA A+ | Network+ | Security+ CE -
bigdogz Member Posts: 881 ■■■■■■■■□□@securityorc Thanks. I have used this and it is nice to know others have stated the same thing. I think I will hit this cert soon.
-
LonerVamp Member Posts: 518 ■■■■■■■■□□Grats on the OSCP! I have not yet used VHL, but it's on my extended to-do list.If it helps at all, I'd suggest a more cost-efficient approach and hitting up HTB for a while. There's lots of retired boxes to learn from.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
bigdogz Member Posts: 881 ■■■■■■■■□□..yeah... sorry @securityorc ... Congratulations on the pass!!!!I will be taking this cert this year.
-
securityorc Member Posts: 58 ■■■□□□□□□□I've decided to start building my AD attack skills instead and will go for https://www.zeropointsecurity.co.uk/red-team-ops in February
-
chrisone Member Posts: 2,278 ■■■■■■■■■□securityorc said:I've decided to start building my AD attack skills instead and will go for https://www.zeropointsecurity.co.uk/red-team-ops in FebruaryCerts: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
securityorc Member Posts: 58 ■■■□□□□□□□chrisone said:securityorc said:I've decided to start building my AD attack skills instead and will go for https://www.zeropointsecurity.co.uk/red-team-ops in FebruaryIt's worse...in pounds xP But I'm hyped for it, Rasta knows his tradecraft. I am not a big fan of PentesterAcademy, their teaching approach just doesn't resonate well with me, though I have not tried the red team labs. I was planning a progression of Rasta's Red Team Ops -> Offshore -> Rastalabs -> Pentester's Academy intermediate and advanced red team labs (skipping the 1st tier one).As for certificates..none of them have any real value in my opinion. In fact, I'd feel bad claiming to be a "certified red team whatever". It's the practice and the knowledge acquired doing things that I'm after. Right now, I don't have the hardware capital to build my own labs, but that's a project I'll have to get going someday.I hope I'll get my company to pay for it but if not...I've spent my own money on worse things...IHRP *cough cough*
-
chrisone Member Posts: 2,278 ■■■■■■■■■□I wouldn't necessarily feel bad about having a red team cert, pentester academy's PACES and Advanced labs are very challenging and have impressed Rasta himself. Nikhil is a very good teacher, I took his Advanced Active Directory for Red and Blue team course at Blackhat last year, it was very well done. He has a new course and training for blackhat this year. The guy is a guru and always on top of AD/red team pentesting. I wouldn't mind having Rasta's certs as well since he is respected and known in the industry.
At the end of the day it truly is about the knowledge acquired and the proficiency to execute those skills in the real world.
Your progression path looks good. Look at it this way, all those courses are still cheaper than 1 SANS course and that is not even including your 6-7 day hotel fees lol
Did you already sign up for the Red Team Ops course?
Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
securityorc Member Posts: 58 ■■■□□□□□□□I want to start it mid-February, had an active PentesterLab subscription that I'll freeze while working on it. And the countdown starts from the moment of purchase, but all seats were filled to capacity at launch as well, so hopefully that will be enough time for some spots to free up.