relegated wrote: » I have been preparing for my CISSP and hope to take it early 2018. I already have my SSCP, Security+, A+, MCSA, SonicWall certs and have been working in IT since like 2004. That being said I am awful at programming of any kind, I always have been and likely always will be. In order to get your OSCP it looks like you need to take the Penetration Testing with Kali Linux course that costs $800 and includes 30 days of labs? I have spent a fair amount of time in the security side of things and have messed around with Kali on various occasions but I am no pen tester. I have read it is a pretty brutal path to getting the OSCP and given my poor coding skills I'm wondering if I would be able to do it.
N7Valiant wrote: » O_O Isn't it $600 for another 90 days? I just think it might have been cheaper to retake it another 10 times for the same price.
CyberCop123 wrote: » I'm deep into my OSCP Studies and just about to finish 90 days worth of labs... 30 days of that was spent solely on reading the PDF they provide which is 375 pages and also watching the videos - of which there's about 170. I have strong Linux Skills, OK Python Skills but my hacking knowledge and experience wasn't strong other than hacking into about 4 VulnHub machines. I think signing up for 30 days is insane in my own opinion as it's a lot of work and some of the machines you can be stuck on for days at at time. I've got a blog on here where I've been documenting my journey into OSCP and it's intense, hard, fun but has been very impactive. It's all worth it though. One thing i said on my blog was I just don't see why some people are in such a rush. E.g. I've signed up for 90 days, but I'm going to sign up for another 90 as I want to hack into as many machines as I can and come away confident and hopefully with the OSCP certification. Some weeks I can get TONS of work done, sometimes not if work gets in the way, general life or I'm just feeling tired and not as productive as normal. I think you're a good candidate to take the OSCP as you have some good background in IT. The OSCP does not involve programming. There is a tiny bit of scripting in the exercises but that is not programming, and it's not essential. The exploits used in the labs themselves rarely need much editing if any. Plus reading code is different to writing it. I signed up for OSCP and it's the best thing I've done in a long time, it's my first ceritification and I'm glad I chose it. Good Luck with whatever you decide.
N7Valiant wrote: » I don't know... Is it an open Google exam, or do they include all the scripts you might need to execute in the Kali image? I'm speaking only as a petty dabbler who followed a walkthrough to penetrate a VulnHub VM. But one of the commands they had me execute to exploit a shellshock vulnerability looked pretty complicated and would not be something I could come up with on the spot. It's hard to imagine pulling that off without some programming knowledge, particularly with bash.
IaHawk wrote: » Suggest you take advantage of this free course at udemy "Automate the Boring Stuff with Python". This course is normally $50, but free for one more day.https://www.udemy.com/automate/?couponCode=PY_ALL_THE_THINGS2
CyberCop123 wrote: » One thing i said on my blog was I just don't see why some people are in such a rush. E.g. I've signed up for 90 days, but I'm going to sign up for another 90 as I want to hack into as many machines as I can and come away confident and hopefully with the OSCP certification. Some weeks I can get TONS of work done, sometimes not if work gets in the way, general life or I'm just feeling tired and not as productive as normal.
relegated wrote: » Would you guys say that after passing the OSCP you will have enough knowledge to actually be able to use most of the tools in Kali in order to say fully test a .NET web application? In other words what kind of real world skills do you walk away with vs what I would say are very little to none with a lot of other certifications.