Calling all Penetration Testing with BackTrack (PWB)/OSCP students!

12357

Comments

  • dbrinkdbrink Member Posts: 180
    I believe I have decided that the OSCP is next on my radar. I was thinking of going with the CEH next but I need to utilize my money as well as I can so I think the OSCP is a better choice. I'm going to have to set aside some money over the next few months for this so I believe in the mean time I'm going to brush up on some of the topics mentioned in this thread.....TCP/IP, Linux, Bash, Python mainly.
    Currently Reading: Learn Python The Hard Way
    http://defendyoursystems.blogspot.com/
  • the_hutchthe_hutch Banned Posts: 827
    Tax return in a couple weeks :D. Then, it begins. I am REALLY excited. I know my personal lab inside and out. Ready for something new. And the thought of being dropped into a hacking play ground of approximately 50 machines makes me twitchy with anticipation icon_thumright.gif
  • dt3kdt3k Member Posts: 64 ■■□□□□□□□□
    REMOVED UNNECESSARY QUOTED REPLY FROM PREVIOUS POST

    Can you tell me about your home lab/setup/what you are using?
  • the_hutchthe_hutch Banned Posts: 827
    Pretty much everything is on VMware Workstation (would work just as well on the free VMware Player option, I just prefer to access my VMs remotely). All of my windows stuff is fully licensed with my TechNet subscription.
    1. Backtrack 5 R3
    2. NodeZero - Another pentesting distro similar to backtrack (NodeZero Linux)
    3. NST - Yet another pen-testing / security auditing distro (Network Security Toolkit (NST v2.16.0))
    4. Metasploitable 2 (Metasploitable | Free Security & Utilities software downloads at SourceForge.net)
    5. Fedora
    6. Ubuntu
    7. Win7 SP1
    8. Win8
    9. Win XP SP2
    10. Ubuntu Server
    11. MS Server 03
    12. MS Server 08
    13. MS Server 12
  • technosecuritytechnosecurity Member Posts: 6 ■□□□□□□□□□
    Hi All,


    i am glad to tell u all that infosec bug has bitten me (LOL) thats why i have decided to go for OSCP.i am a network security engineer who usually use to work on router,switches,firewalls. as a security person i was always thinking how corporate network servers (asterisk,exchange,database etc) got attacked or sniffed.and we use to get to know only when password gets changed or impt directory gets deleted or copied.than i realized that we are good enough to understand our firewall from inside interface but what about outside interface,how a hacker finds vulnerability and what mechanism they uses to attack the servers.when i started my journey than came to know about some terminology like metasploit,payload,etc.


    i have never done programming in my life but after doing research i came to know that yes one should know programming for going deep in securty.so these days i am doing python n became member of spse (vivke ramchandran).it is helping me a lot.now i can understand why python is used for (network.tcp/udp port scanner, how to know subnet mask through python,arp reply,buffer overflow etc). all these topics are covered in his study material.


    today is 10/feb/13 ill spend this month on studying python. and than in march 1st week ill get registered with PWB/OSCP and ill go for 90 days.friends plz gude me am i in right directon.


    Thx
  • the_hutchthe_hutch Banned Posts: 827
    today is 10/feb/13 ill spend this month on studying python. and than in march 1st week ill get registered with PWB/OSCP and ill go for 90 days.friends plz gude me am i in right directon.

    Sounds like you'll be hitting it about the same time as me. I'm starting in March as well, and going the 90 days. I'm SO excited about this course. I've been wanting to take it for four years now. But I kept telling myself...if I get this cert and study this material...then I'll be ready. To be honest, I still don't know if I'm fully "ready," but I'm done doubting myself. We are doing this!!! Even if it means replacing four or five keyboards that I end up bashing my head against from frustration. I've got about a month and a half of leave time saved up. Feel free to hit me up at any time, justinhutchens@gmail.com, and hopefully I'll see you around the IRC channel.
  • technosecuritytechnosecurity Member Posts: 6 ■□□□□□□□□□
    hey friend,

    thx for the reply.i am having some doubts,ill be soon asking u about those doubts.

    thx
  • impelseimpelse Member Posts: 1,237 ■■■■□□□□□□
    You guys are doing good studying python before the OSCP, I lost hours trying to modify exploits and really I did not know what to do with the exploit to modify it, I read a lot and run out 3 times my lab time.
    Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
    It is your personal IPS to stop the attack.

  • the_hutchthe_hutch Banned Posts: 827
    Impelse do you plan to have an active subscription during March, April and May?
  • impelseimpelse Member Posts: 1,237 ■■■■□□□□□□
    I am not sure yet, I failed one cisco exam and I need to renew the certification, after that I will take Python from Securitytube and go back to OSCP, maybe April
    Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
    It is your personal IPS to stop the attack.

  • the_hutchthe_hutch Banned Posts: 827
    That may work out well. It'll give us time to catch up with you. We currently have 3 people wanting to collaborate throughout the course. Myself, YuckTheFankees and TechnoSecurity.
  • james17601james17601 Registered Users Posts: 3 ■□□□□□□□□□
    Stick me down on that list, I will be starting mine on 03/03

    I have been lurking on this thread for some time, I have done the CEH and been using BT as a hobby since BT4. Just brushing up on Python and maybe a bit on BASH although I have used it before. I am going for the 90 days and looking forward to it.
  • the_hutchthe_hutch Banned Posts: 827
    James, I'm going to need your personal email address to add you. But I don't know if you can do PMs as a brand new member.
  • james17601james17601 Registered Users Posts: 3 ■□□□□□□□□□
    Email on its way!
  • HypntickHypntick Member Posts: 1,451 ■■■■■■□□□□
    the_hutch wrote: »
    Pretty much everything is on VMware Workstation (would work just as well on the free VMware Player option, I just prefer to access my VMs remotely). All of my windows stuff is fully licensed with my TechNet subscription.
    1. Backtrack 5 R3
    2. NodeZero - Another pentesting distro similar to backtrack (NodeZero Linux)
    3. NST - Yet another pen-testing / security auditing distro (Network Security Toolkit (NST v2.16.0))
    4. Metasploitable 2 (Metasploitable | Free Security & Utilities software downloads at SourceForge.net)
    5. Fedora
    6. Ubuntu
    7. Win7 SP1
    8. Win8
    9. Win XP SP2
    10. Ubuntu Server
    11. MS Server 03
    12. MS Server 08
    13. MS Server 12

    Just out of curiosity what hardware are you running that on?
    WGU BS:IT Completed June 30th 2012.
    WGU MS:ISA Completed October 30th 2013.
  • JDMurrayJDMurray Admin Posts: 13,091 Admin
    If a TE member in good standing will vouch for a new member, I can brush that PM restriction aside.
  • XakEpXakEp Registered Users Posts: 2 ■□□□□□□□□□
    I just joined this forum because of this thread. I just signed up for the PWB class and start on the 23rd. I'm definitely open to collaboration, always better to have someone to chat with about it. I'll be posting my experiences as I go along.
  • the_hutchthe_hutch Banned Posts: 827
    Glad to have you onboard with the OSCP team. That aside, you should stick around TE and see how you like it. Its a good group of people. And judging by your credentials, you seem to be a cert junkie like the rest of us. So I'd say you should fit in nicely, lol
  • james17601james17601 Registered Users Posts: 3 ■□□□□□□□□□
    Hey Justin, did you get my email?
  • the_hutchthe_hutch Banned Posts: 827
    James, sorry I must have overlooked it. But I did track it down in my inbox. I will send you an invite as soon as I get home from work today. Thanks for following up.
  • Killj0yKillj0y Member Posts: 39 ■■□□□□□□□□
    I just wanted to wish everyone good luck on the course and the OSCP exam. Remember to have fun.
    Certifications: GPEN, SMFE, CISSP, OSCE, OSCP, OSWP, Security+, CEHv6, MCSE+Sec:2003
  • the_hutchthe_hutch Banned Posts: 827
    Thanks Killj0y. I assure you, fun will be had. I don't even see this as a troublesome training course. More like a hacking playground with some extra resources provided to point me in the right direction.
  • InfosecDudeInfosecDude Member Posts: 11 ■□□□□□□□□□
    I plan to enroll soon as well. The only negative feedback I've received from a friend is that the course material is not too helpful at all. He said their labs are awesome but course lacks depth. He seems to have used a lot of outside help from websites and other paid courses to suppliment their material.

    Is this true?
  • impelseimpelse Member Posts: 1,237 ■■■■□□□□□□
    The material is good, but yes, you need to dig more to completely understand the subject and begin to master it

    By the way that is the mentality of a hacker

    Also you suppose to have IT experience and knowledge and you know, you are always looking for more info
    Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
    It is your personal IPS to stop the attack.

  • the_hutchthe_hutch Banned Posts: 827
    Impelse beat me to it. Couldn't have said it better myself. Its not a challenge if they give you all the answers. They give you the framework, and you have to apply it to unique real world scenarios. In the real world, you are going to have to combine academic knowledge, with experience and a whole lot of google queries. I'm looking forward to this aspect of the course.
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Welp, my life is over! I signed up for March 16th!
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • the_hutchthe_hutch Banned Posts: 827
    Lol...yup. March 9th here. So I'll have a week head-start on you.
  • YuckTheFankeesYuckTheFankees Member Posts: 1,281 ■■■■■□□□□□
    Did both of you get the 90 day lab?
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    Yup 90 day lab. At what point do they ask for you to pay? I found it weird that I could sign up and not enter my payment info?
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • YuckTheFankeesYuckTheFankees Member Posts: 1,281 ■■■■■□□□□□
    I believe they will send you a link to pay, it may take a few days.
Sign In or Register to comment.