Options
Signing up for OSCP in the next month or two - have some questions
tommylist
Member Posts: 10 ■□□□□□□□□□
Hey,I am signing up for the OSCP very soon but have a few questions for anyone who's already got their OSCP cert:In the course and the labs, how much focus is there on client side attacks? Would someone who has never worked in the industry be fine with the materials and course assuming they are self taught and already know quite a lot about networking/security?Jobs wise - I am not silly enough to assume I'll get a job right away with just this cert, but what would be your advice on getting a job as a pen tester for someone in my situation? I am sure someone has gone from having very little experience to a pen tester without too many years of trying - though I'm willing to put years into it, but if there's a way of shortening this then great.Thanks for any help given!
Comments
-
Options
Mooseboost
Member Posts: 778 ■■■■□□□□□□
Disclaimer: I have not finished the OSCP yet, but I am working through it.
Client-side: You will encounter these. Offensive Security has scripts setup to mimic user behavior on machines and they do the typically user things (related to the client) about once every 1-3 minutes. In my experience this do break from time to time, so you may have to burn a reset if the machine is behaving oddly.
As long as you have the tenacity and patience, you will do fine in the course. The course will give you building blocks but you will still have to do significant research outside of what they teach you. You won't be able to go through the videos and pdf then proceed to pwn all the things but you will be able to start working in the labs. Having gone through a few training courses, I can say overall their materials are pretty good. You will want to go through both the pdf and the videos though. You will find one covers things the other doesn't.
The OSCP will definitely assist you with getting interviews, but it won't outright win you jobs. It does validate that you know what you are doing and that you have what it takes to be successful in the field. I could very well see landing a junior role with nothing but the OSCP and dreams. Do you have any IT experience? IT experience will go a long way to making you more desirable. The best thing you could do after the OSCP is start networking at local meet ups and cons while doing every CTF you can get your hands on. Community participation goes a long way in this field. -
Options
Hornswoggler
Member Posts: 63 ■■□□□□□□□□
OSCP will give you the skills and practice to hack, which is a key part to being a good pentester. You can read about hacking all you want in other courses/certs but the bottom line is if you can get root or not. By the time you own 30+ boxes in the lab, you'll have a routine down for just about anything. It's a good variety of challenges, client side stuff included. I especially enjoyed the client side hacks.
Clear your calendar for 90 days and jump in. Don't kid yourself that you'll have a regular life and just spend a few hours per week on this and pass... unless you are already a pro. The labs will tell you where you are weak. It's an entry level hacking cert but not an entry level field. Good luck and have fun!2018: Linux+, eWPT/GWAPT -
Optionstommylist
Member Posts: 10 ■□□□□□□□□□
Thanks for your replies!
I have no IT experience in a professional working environment. I have worked in Digital Marketing, in which we worked solely on computers, but that's about it. I have however, always had an aptitude for computers and from a young age would fix the computers in my step dads company. But in terms of professional experience, I have none.
Sounds good! I'm happy they have some focus on the client side. What would you rate the difficulty of the OSCP? I've heard it's an entry level exam but pen testing isn't an entry level industry so it's really difficult. Of course I guess this is relative to the people who tend to sign up to the course (beginners) as I'm sure there are many harder exams but they have more pre requisites so aren't as hard for the people taking them.
Thanks!