OSCP Graduate.

Well, I have been on Cloud 9 all day. This morning, I woke up to THE email

Its been a long road. Although I had already done the CREST CRT (so had some good base knowledge anyway), I started reading up properly for OSCP around this time last yr. I would have liked to keep a regular blog of my journey on here/elsewhere, but with work, etc, I knew I wouldnt be able to keep it up...sooooo here is my all-in-one entry.

As mentioned, I started reading up for OSCP this time last yr. As most know, the OSCP is unlike any other certification, in that they dont provide any public syllabus before you start the course. With this in mind, I just started reading up on all the books I could find. These would include:

- Penetration Testing by Georgia Weidman (recommended!!)
- The Web Application Hackers Handbook
- The Hacker Playbook
- Hacking Exposed Windows
- Red Team Field Manual (great for quickly putting your hands on for a command)
- Learn Powershell in a Month of Lunches (not a great, but gives you exposure to PS)
- I also tried picking up alittle Python just before I started the course, but I found myself bouncing between various books, and this didnt go too well. On the good side, although Python would serve you well on the course, its not a necessity.

I signed up for the three months option, and officially started the course at the end of Apr.

As most will know, they supply you with a large PDF containing course notes/exercises. I would love to say I went the proper route, and worked through the exercises first, before attempting the labs. I didnt. As soon as my VPN came on, I was nmap-ing away (and not very well, might I add). For anyone considering the OSCP, take my word for it - do the exercises first!

Month 1 went so fast. Full steam ahead, I was able to get most of the low-hanging fruit quite quickly. I kept notes/screenshots of the boxes I was scanning/hacking in OneNote (there may be better solutions, but this worked for me). However, I wasnt really taking in what I was doing. It was just Bang, Box down, onto the next one. Hard to put into words, but I wasnt really working on technique or procedures - I was just doing it off the top of my head.
Then Offsec went and re-did the IP addressing scheme, which set back my progress in that I had to re-do all the previous machines. I hated this (although later realised it was a good learning opportunity!).

About 6 weeks or so into the course, I started hitting brick walls. Be aware if you do the course, this will happen to you. The number of times I thought to myself "Maybe I've taken on too much, maybe I dont have enough knowledge/experience, maybe I dont have the right mindset for this after all, etc etc". Its unreal how you can go from that, to "Whooooooo I can do it!!!!!" in 2 secs, with simply gaining a low-privileged shell on a Linux box.

Month 2 flew by. It was all ups and down - hitting walls, then smashing through. I was eventually. able to get access to some of the other networks.
Towards the end of Month 2, I realised I had barely touched the exercises, and had to start on them. Off Sec made it public that students will gain 5 points for the lab report, 5 points for the exercises, for a total 10 points before starting the exam - I didnt want to tempt fate by not doing them, so I hit the PDF for a few weeks.

By the end of Month 3, I was burning out. I had gone at the course hard since Day 1. Getting into work an hour and a half early to read up/practice, at it every evening til late, and every weekend til late hours. I was able to hack most of the public network, and get into 2 other networks (although the Admin network eluded me). Then came exam time. I received the connection details, got myself online, ran various scans, etc. And then I hit another brick wall - and couldnt get through it. I ended the exam with 0 points. I was absolutely gutted, but I knew. I knew it was my own fault - I had gone at it hard, with no breaks. I had plenty of notes and screenshots of the hosts - but no proper procedures. Annoyingly, like most people, I had read tons of blogs/postings about the course, and seen people say so many times, "take breaks", but I thought I knew better.

I was down, but not defeated. An hour after my failure, I was downloading Vulnhubs, and started writing out proper procedures, and continued this until half way into Aug, where I went on holiday for two weeks. Looking back, I think this break helped me more than I realised at the time. 2 weeks without even touching a computer - a nice break (although I was missing my laptop by the end of it!).

Beginning of Sep, I signed up for another 30 days of lab access, and got back into it. I made the decision that this lab access was all about technique. I made fresh tabs on OneNote (to start fresh), and decided it didnt matter if I hacked 10 boxes or 50 - I had to work slowly, really examine what I was doing (rather than gung ho'ing it), and take time out regularly. This technique worked much better. I was half as stressed, even when I hit the occasional wall.

My 30 days ended 2 weeks before my 2nd exam date. The time between was filled with more Vulnhubs, and days off.

By the time, this weekend came. I felt calm, and completely ready for my second exam. I received the connection details Fri evening (around 8pm), connected up and started scanning. Within 3 hours, I had my first box down, and had some good idea which headway to go for with other boxes. By Saturday evening, I had 3 roots and a low priv. I submitted the report of these on Sun evening, with my lab report and exercises completed.

Yesterday was a long day!!!!!!

Woke up this morning, 45 mins early, thought "I'll just check my phone" and there she was... "We are happy to inform you ..."
Needless to say, I didnt get back to sleep!

Overall, I enjoyed the experience of OSCP. So many ups and downs. But I tried harder (sorry, had to be done!), and I got what I wanted from the course - I learned so much. And thanks to this knowledge and other my other certs/experience, I start working for a security company next month, in the Pentesting Dept

Needless to say, I would recommend the course to anyone that has a genuine interest in security/pentesting. The course is fun (the first time you get a shell....ahhhh!), and makes you really think. Be aware though, its not easy. The motto isnt "Try Harder" for nothing. (I actually saw someone complaining in the IRC, about how they didnt realise it was going to take up so much of their time).
But it is an achievable goal - it just needs real effort and real hard work!

Find more posts tagged with

Comments

[Deleted User]

Congrats!!

Glad to hear you passed! I'm currently studying for OSCP now. Almost done with the video lectures/course manual just 3 more chapters to go! What would you recommend after doing the videos/course manual? Is the content in there enough to tackle on the rest of the labs? I also have all the same books you do for reference material but also some books from Packt publishing on Kali Network Scanning and tons of other Pen testing books and video courses?!

Any pointers you can give for the actual exam without violating anything?! Also, happy holidays!

RichAsskikr

Oh cool, hope you're enjoying it pal. How long you been on the course now?

The course content is really designed to get you started. It certainly doesnt cover everything you need, and thats a good thing. Learning how to go out and find the solution (or to even create a solution yourself!) is the best way to learn, and is more reflective of being a real pentester, than sitting reading it all up in a All-In-One book.

Oh yeah, absolutely. My list of books isnt comprehensive. I also worked through a number of Packt books, and video courses. Vivek's courses are awesome!

Haha sorry, cant say a word about the exam

Happy holidays to you too though!

sesha437

Congrats buddy

enjoy..
Really you spent great efforts.

JasminLandry

Congrats on the pass! I know that feeling of getting that email

gespenstern

Congratz! Did you have to pay the full 30 days access price your 2nd time?

RichAsskikr

Thanks all

Yeah, had to pay extra for the 30 days. Cost $250 for the extension. Not sure how this compares to normal price though (same?).

gespenstern

No, not the same. Full price is $800. I wonder for how long are you eligible for extension after your initial term expires, cause it sounds from your report that you didn't buy your extension right away.

Mike7

Congrats! You mentioned Crest CRT. How does CRT compares to OSCP?

bluesquirrel

Lots of congratulations RichAsskikr! And many thanks for sharing your adventure with us!

JoJoCal19

Congrats on the pass! Must be an amazing feeling to conquer that beast. I wish I had the time to go for it. So what are your plans for next? Looking at the OSCE?

bigdogz

Congrats on the pass!!! I will be working on this shortly.

RichAsskikr

gespenstern - No, didnt buy the extension straight away. I think they're pretty good in that you can buy the extension whenever you want, once you have done the course.

Mike7 - Personally, I found the CRT harder in some ways. Your range of knowledge needs to be more wide-ranging, than just using Kali.
Although you seem to have quite a bit of time in the exam (not 24 hours!), it goes by so quick. Still, I would recommend to anyone - do CRT, then go for OSCP. CRT is a great prepper for OSCP.

BlueSquirrel - Thanks alot

JoJoCal19 - Feels amazing man! I really want to increase my knowledge on Web App testing. Would love to say the OSCP made me an expert on hacking websites, but thats not quite the case. I still have alot to learn. Luckily, when I went for the interview for my new job, I explained I was going to go in for eLearnSecurity's eWAPT course - they said, dont bother, we have inhouse courses which are much better!! But I absolutely want to go for OSCE next year. Although I struggled with the BOF stuff at first, I enjoy and find it interesting now - really want to increase my knowledge in that area too!

Bigdogz - Go for it, you'll love it!

Mike7

RichAsskikr - thanks for the advice. We do not have any CRT reviews here at TE, so I was hesitant about doing it.

. Was hoping you can share some tips and perhaps do a mini review of CRT.

RichAsskikr

Also, when you pass the OSCP, you get access to additional areas in the forums.
The OSCP continues to teach....

Mike7 - Sure. Was last yr when I did the exam, but I still have my notes, so I'm sure I can put something together. If you're interested in getting into security or pentesting specifically, I would recommend it!

mindcrank

Congrats bro! I will be hopefully following your footsteps and starting the course in the next few months or less. Thanks for the great write-up!

jtnrdagl

Congrats! Getting that mail is indeed an awesome feeling!

I am on to CRT/CPSA exam now. It would be pretty useful to hear your recomm. on study material & preparation on CPSA as well.

Cheers!!

BuzzSaw

I love the OSCP pass threads.

I'll just say this to you: "Like a Boss"

unkn0wnsh3ll

Welldone RichAsskikr , Congrats

logikil

First off, mad props and congratulations!

I am trying to figure out the next steps for me with respect to certification and path forward. Over the last 2 years I have completed my Sec+, CEH, and CISSP. I am working on a masters with a focus in offensive cyber security. That said I need to get an idea of what comes next. OSCP sounds like it would be an amazing cert to achieve, but I am not necessarily confident to attack it without having some practical pen testing experience. The CEH I was able to book learn my way to passing since I have 17 years of IT experience so that wasn't tough, but actual application of that knowledge is something else entirely. So just looking for some thoughts. Thanks and again congratulations!

BlackBeret

logikil wrote: »

First off, mad props and congratulations! I am trying to figure out the next steps for me with respect to certification and path forward. Over the last 2 years I have completed my Sec+, CEH, and CISSP. I am working on a masters with a focus in offensive cyber security. That said I need to get an idea of what comes next. OSCP sounds like it would be an amazing cert to achieve, but I am not necessarily confident to attack it without having some practical pen testing experience. The CEH I was able to book learn my way to passing since I have 17 years of IT experience so that wasn't tough, but actual application of that knowledge is something else entirely. So just looking for some thoughts. Thanks and again congratulations!

My question is, what masters program has a focus in offensive cyber security?

logikil

Regis University has a Masters Degree in Systems Engineering. They have recently revamped it to be more focused on classical engineering (requirements gathering, engineering design principals, enterprise architecture etc.) but previously they were much more centered on Systems Engineering from a decidedly IT focus. As a result they had a lot of courses on networking, data center design, storage, etc. As a part of the degree you also have the opportunity to specialize, in other words grabbing some of your courses from one of the other degree programs. The MSIA track covers a lot with regards to security from IA policy creation, risk assessment, etc. to more active areas of cyber security. This focus, with respect to my degree, includes courses on offensive cyber security (essentially a pen testing course using kali), computer forensics (using encase), and network forensics. There is an optional advanced forensics course if you are actually working the actual MSIA degree, so I wont have that one. It should have just been a focus in cyber though since only one of the classes is offensive, something I wouldn't consider forensics to be.

RichAsskikr

Thanks logikil

Honestly pal, I have very little practical pen-testing experience, other than inside practice labs. The OSCP is absolutely achievable, nonetheless.
As you may know, the OSCP is a different beast to CEH. You wont find a single book anywhere that will prepare you for it.

Sounds like you'll have a good grounding for it though, with your other certs and masters

snowchick7669

RichAsskikr wrote: »

Also, when you pass the OSCP, you get access to additional areas in the forums.
The OSCP continues to teach....

Mike7 - Sure. Was last yr when I did the exam, but I still have my notes, so I'm sure I can put something together. If you're interested in getting into security or pentesting specifically, I would recommend it!

This would be amazing! I've been looking into it, but haven't seen a whole lot of reviews on the CRT.

CertBling

Congrats! I'm waiting for exam date now