Calling all Penetration Testing with BackTrack (PWB)/OSCP students!

smoofy

Hi all,
I would like to register for this course next week, but first of all I would like to ask few questions all off you experienced. How much time have you devoted to study troughout the course in average daily etc and how much was it aproximately altogether? I finish at my current job on next friday and would lake to take longer vacation about few months which I would like to spend with extending my knowledges between I will look for another job. Do you thing that is possible finish the course in lets say one month full-time?
I do use unix-like systems on regular basis and worked as an IT administrator for certain ISP in the past. Also have little bit of knowledge about programming and scripting in python, bash etc.

Thank you for your advices that comes on your mind and you would share with me

impelse

In my case I am still working with modifying exploits in the lab (I did not finish yet the lab) and it's been around 45 days, some of them nothing, others from 2 to 4 hours (I am working with Family), if you are single and have all the time and good knowledge like you said probably you will able to finish in one month, but remember you want to be GOOD in this feel, so take your time....

smoofy

Yes, I would like to dedicate most of the time, like 8 hours a day or more to it. This stuff is my hobby so not a big deal, but even though I think everybody needs a break even from things he likes . It might help me to get a better job or at least salary so why don't try it?

How would you describe your time occupation, meaning how much time you spend with studying and how much with actual "hand-on" job during the course? And do you think you would learn more if you have more time to spend in the labs even after you were done or you actually depleted course potential?

smoofy

Last question seems to by little bit out as I missed that part of your answer about being still working in the labs Sorry

impelse

It's ok.

When you are studying (lab/video) you need to do the exercises, in that moment you are practicing, for example they ask you to scan all the network and find which tcp/udp are open ( you learn to create your own scripts to save the info), in my case I did not have any knowledge of scripts or using grep but I learnt it and I begin to use it more often. Also in another lab they will ask you to enumerate if smtp is vulnerablele to verification, now you begin to look for smtp port open, step by step you begin to build up the skills, at the end you begin to have fun try to hack all the machines.....

You will not feel the time, you will drill it. Take it, I procrastinated too much time this training.

smoofy

Ok, so I go for my registration next week and see what is gonna happen. Hope it is at least as good as you guys declare it is cause it is quite expensive but I think it is worth the money. Will share my experiences with you.

the_hutch

smoofy wrote: »

cause it is quite expensive but I think it is worth the money.

Relatively speaking...it is not expensive at all. In fact, its one of the cheapest security certification training programs you can find. Plus reputation has it, the lab environment is exponentially better than most other training programs. I spent $1899 on a CEH certification training program and the labs were terrible. And I just spent $3899 on my CISSP bootcamp...for 4 days of content. I haven't taken OSCP (I plan to after CISSP in August) but I can already tell you that it is well worth the money.

j-cert-man

Hi all,
I decide to post this here rather than create a new thread. Let me know if you want me to move this to it's own thread!

I bought the PwB material and lab access in July 2011, but did not get started for work reasons. Work isn't a problem anymore and I've started again and I will keep working on this - I won't quit this time!!! SO far:
* I have watched all the videos once and realised how much there is to it! So changed my approoach
* I spent 2 weeks watching cbtnuggets (24hr access) on Linux to understand more about the file system, privileges and bash scripting
* This worked and I feel confident about the entry level modules 1 to 5
* I am trying to work through Module 6 - Buffer Overflows. Again I was in over my head, so I've spent a week on securitytube dot net watching Viveks ASM Primer and I feel better on this topic
* I think I'm going to have to keep doing this on lots of topics ... Python for example
* I plan on going through the lab workbook and videos in more detail before buying a chunk of lab time

I am an experienced Network Engineer 8 yrs - CCNP, CCSP and am trying to move into Cyber-Security, specifically pen-testing. I know Networks, Firewalls and VPN's. I also know IDS/IPS's. It feels a bit strange to be starting again ... here's my question:

Anyone want to study together - we can motivate and make sure our heads don't drop.

I know I have lots to learn. Cheers

J

smoofy

There is always lots to learn . I just made up my mind and registered for course today and should start on next sunday so we can exchange some ideas afterwards should you like.

impelse

I am stuck looking for exploit for the lab, modifying other people exploit.....

smoofy

Registration done, payment approved and can not wait till I start. If it is not as good as you said I gonna be haunting in your dreams you lot It is a pitty that I could not start this sunday!

ipchain

impelse wrote: »

I am stuck looking for exploit for the lab, modifying other people exploit.....

Sorry to hear that. What seems to be the problem? Feel free to PM me on IRC...my nick is same there.

ipchain

smoofy wrote: »

Registration done, payment approved and can not wait till I start. If it is not as good as you said I gonna be haunting in your dreams you lot It is a pitty that I could not start this sunday!

Awesome. Good luck with the course - I am sure you will have tons of fun!

YuckTheFankees

How's everyone doing with the course?

smoofy

I am going slowly but surely. Great course indeed I have learned so much stuff already a I still do not know nothing and what is the best the course makes you to step aside and study plenty of side topics pretty deep as well. I think that once one finishes the course he keeps continue to study as a great hobby and fun. I love it so far.

the_Grinch

Might definitely take this course after I finish Python...

YuckTheFankees

I've pretty much decided against pentesting as a career but my heart still wants to try this course.

impelse

My case is the same, I am moving very slow, I will add another 60 days

JDMurray

YuckTheFankees wrote: »

I've pretty much decided against pentesting as a career but my heart still wants to try this course.

It's one of many skills worth having experience with for most technical InfoSec professionals. You may not be doing pen testing for a living, but you may work with pen testers, and you will better understand how they do their job.

impelse

It is right, I got an interview and got a job offer, just to mention this training and how difficult is and some times I study very slow because we need to learns the details (they knew about this training) and how to apply it.

At the end I feel I am getting some experience with the same machines, lol

YuckTheFankees

Impelse, did you obtain a security position?

smoofy

I decided to provide little update on my progress. I have managed to get to Win and linux exploitation so far and right now I am studiing Art of Assembly Language. I am literally drowning in studiing materials and, as I call it, sidequests Have not seen the lab guide nor lab itself for while now even though I still study. I have 14 days left and I hope a manage to do all the lab exercises so I do not need to extend it but there is still too much to learn. But as somebody said before, it is definitely worth it!

ipchain

Anyone else in for PWB / OSCP? If so, what's your status? I am currently taking OSCE

the_hutch

i'm taking the_grinch's lead and going to take SPSE (SecurityTube Python Scripting Expert) first. Should be working on OSCP before the end of the year. How is OSCE going? Is it brutal? And is it just more advanced techniques or does it cover different topics?

YuckTheFankees

SPSE would be a good choice before the OSCP. I know one guy who has passed it and he said it was the most challenging test/cert/class he has ever done.

the_hutch

YuckTheFankees wrote: »

I know one guy who has passed it and he said it was the most challenging test/cert/class he has ever done.

Are you referring to OSCP or SPSE?

YuckTheFankees

Sorry about that, I was referring to the OSCE.

the_hutch

Oh yeah...I have no doubt that OSCE is a beast. I don't know anyone who has it.

nicklauscombs

i have once again picked up 30 days of lab time to hopefully finish out this exam. it's actually refreshing to spend 60 days in the lab and come back a few months later and jump in again.

YuckTheFankees

any updates?

I officially bought the OSCP course, starting the 12th. Do they grant access to the lab guide and video's before the start date (I know I can't use the actual lab until then)?

** I emailed them asking if I could start sooner and I just received an email stating I'm starting on the 5th