Which exam before oscp to help getting into flow

mirror51

Is there any exam which is  similar to oscp but very easier so that i can first give that exam to get an idea about pentensting and all stages.
I am very new to pentesting and first want to get understanding by preparing for  easy exam. Exam hs to have labs  etc not just theory and report writing as well to pass

Any idea ?

tedjames

eLearnSecurity Junior Penetration Tester. If you're new to penetration testing, I'd recommend not going straight into OSCP.

Info_Sec_Wannabe

It is not an exam, but I suggest you look at TryHackMe or HTB so you can get some hands-on experience first and better appreciate the theory that comes with those exams.

JDMurray

In addition to practicing on HackTheBox, ,TryHackMe, and VulnHub, look into bug bounty programs, such as HackerOne, to find real-world targets for practice. Find blog reviews of pentesting exams and Google pentesting framework and start reading.

shochan

mirror51 said:

Is there any exam which is  similar to oscp but very easier so that i can first give that exam to get an idea about pentensting and all stages.
I am very new to pentesting and first want to get understanding by preparing for  easy exam. Exam hs to have labs  etc not just theory and report writing as well to pass

Any idea ?

I'm in the same the boat...though, I've passed the CySA+ it doesn't give you enough red team practical experience.  I've dug into the free rooms of THM and have enjoyed it so far, been stumped a few times...That's when you do reconn/footprinting to help figure out your answers.  I plan on paying the monthly $10 after I finish up the free stuff.  I also have the goal to sit for the OSCP this time next year, after I get more comfortable with these lab exercises.

chrisone

JDMurray said:

In addition to practicing on HackTheBox, ,TryHackMe, and VulnHub, look into bug bounty programs, such as HackerOne, to find real-world targets for practice. Find blog reviews of pentesting exams and Google pentesting framework and start reading.

In addition to this list, I would add Virtual Hacking Labs. $250 for 3 months lab access to 40 OSCP/PWK like hosts and course pdf. Only caveat is there is no buffer overflow practice.

However you can easily practice BOF using other resources mentioned above. 

By the time you have completed these you will be more than ready for PWK course and lab. 

Good luck! 

mirror51

chrisone said:
In addition to this list, I would add Virtual Hacking Labs. $250 for 3 months lab access to 40 OSCP/PWK like hosts and course pdf. Only caveat is there is no buffer overflow practice.

provided i haven't done any pentest and if i read its pdf,  will i be able to do all  those 40 labs successfuly ? or i need some pre knowledge as well. I have 10 years  software/cloud/networking/linux/python experience but i am very new to security

chrisone

The course is for entry level to advanced.

The course does a good job of introducing the topics and getting you up to speed. There is a discord channel I can get you invite to. The channel has a sub channels for each lab host where you can ask for tips/help. You can read previous students questions and answers as well. 

Since TryHackMe is kind of free and they have awesome tutorials for beginners, I would try them first for 2 months then move on to VHL.