Which exam before oscp to help getting into flow

mirror51mirror51 Member Posts: 84 ■■■□□□□□□□
Is there any exam which is  similar to oscp but very easier so that i can first give that exam to get an idea about pentensting and all stages.
I am very new to pentesting and first want to get understanding by preparing for  easy exam. Exam hs to have labs  etc not just theory and report writing as well to pass

Any idea ?

Comments

  • tedjamestedjames Member Posts: 1,182 ■■■■■■■■□□
    eLearnSecurity Junior Penetration Tester. If you're new to penetration testing, I'd recommend not going straight into OSCP.
  • Info_Sec_WannabeInfo_Sec_Wannabe Member Posts: 428 ■■■■□□□□□□
    It is not an exam, but I suggest you look at TryHackMe or HTB so you can get some hands-on experience first and better appreciate the theory that comes with those exams.
    X year plan: (20XX) OSCP [ ], CCSP [ ]
  • JDMurrayJDMurray Admin Posts: 13,099 Admin
    In addition to practicing on HackTheBox, ,TryHackMe, and VulnHub, look into bug bounty programs, such as HackerOne, to find real-world targets for practice. Find blog reviews of pentesting exams and Google pentesting framework and start reading.
  • shochanshochan Member Posts: 1,014 ■■■■■■■■□□

    mirror51 said:
    Is there any exam which is  similar to oscp but very easier so that i can first give that exam to get an idea about pentensting and all stages.
    I am very new to pentesting and first want to get understanding by preparing for  easy exam. Exam hs to have labs  etc not just theory and report writing as well to pass

    Any idea ?
    I'm in the same the boat...though, I've passed the CySA+ it doesn't give you enough red team practical experience.  I've dug into the free rooms of THM and have enjoyed it so far, been stumped a few times...That's when you do reconn/footprinting to help figure out your answers.  I plan on paying the monthly $10 after I finish up the free stuff.  I also have the goal to sit for the OSCP this time next year, after I get more comfortable with these lab exercises.
    CompTIA A+, Network+, i-Net+, MCP 70-210, CNA v5, Server+, Security+, Cloud+, CySA+, ISC² CC, ISC² SSCP
  • chrisonechrisone Member Posts: 2,278 ■■■■■■■■■□
    JDMurray said:
    In addition to practicing on HackTheBox, ,TryHackMe, and VulnHub, look into bug bounty programs, such as HackerOne, to find real-world targets for practice. Find blog reviews of pentesting exams and Google pentesting framework and start reading.
    In addition to this list, I would add Virtual Hacking Labs. $250 for 3 months lab access to 40 OSCP/PWK like hosts and course pdf. Only caveat is there is no buffer overflow practice.

    However you can easily practice BOF using other resources mentioned above. 

    By the time you have completed these you will be more than ready for PWK course and lab. 

    Good luck! 
    Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
    2023 Cert Goals: SC-100, eCPTX
  • mirror51mirror51 Member Posts: 84 ■■■□□□□□□□
    chrisone said:
    In addition to this list, I would add Virtual Hacking Labs. $250 for 3 months lab access to 40 OSCP/PWK like hosts and course pdf. Only caveat is there is no buffer overflow practice.


    provided i haven't done any pentest and if i read its pdf,  will i be able to do all  those 40 labs successfuly ? or i need some pre knowledge as well. I have 10 years  software/cloud/networking/linux/python experience but i am very new to security
  • chrisonechrisone Member Posts: 2,278 ■■■■■■■■■□
    The course is for entry level to advanced.

    The course does a good job of introducing the topics and getting you up to speed. There is a discord channel I can get you invite to. The channel has a sub channels for each lab host where you can ask for tips/help. You can read previous students questions and answers as well. 

    Since TryHackMe is kind of free and they have awesome tutorials for beginners, I would try them first for 2 months then move on to VHL. 
    Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
    2023 Cert Goals: SC-100, eCPTX
Sign In or Register to comment.