OSCE - My journey to fight a dragon

BuzzSawBuzzSaw Member Posts: 259 ■■■□□□□□□□
I have started my journey towards OSCE! Apparently one round of torture wasn't enough, so I'm back for round two.

OSCP was such an incredible journey. I have grown quite fond of Offensive Security Training!

This thread will serve as a way for me to keep track of my progress, and perhaps help some others that may be looking to follow this path as well.

Some background:
I am a systems engineer with 15+ plus years of technical experience.
I do some level of security in my day job, but I am not a red teamer by trade. I have a pretty solid grasp on techniques and methods. However, my exploit development game is basically non existent aside from what I had to do for my OSCP.

As for other certifications, I currently hold the OSCP, CEH, SSCP. I also just recently hacked my way to domain admin in the Pro lab offering from Hack the Box.

I feel like I have a pretty good working knowledge in this realm now. But one of by big glaring weaknesses is be ability to develop my own exploit code rather than work with pre-made exploit code.

Therefore -- Enter the OSCE

For those that don't know, the OSCE registration process is "safe guarded" by a hacking challenge. This challenge must be solved before you can even register for the course. I looked at this challenge during my OSCP studies, and I think I have a solution. However, the nature of this challenge is to ensure that people are not getting in over their heads. As such, I want to ensure I am not getting in over my head :)

So, my journey is starting with preparations. Today I have started by brushing up on my register knowledge, and have begun brushing up on my assembly knowledge.

Below are some great resources on the topic:

https://www.securitysift.com/windows-exploit-development-part-1-basics/

https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/

Next up: SLAE

Comments

Sign In or Register to comment.