Calling all Penetration Testing with BackTrack (PWB)/OSCP students!

impelse · May 2012

It's ok.

When you are studying (lab/video) you need to do the exercises, in that moment you are practicing, for example they ask you to scan all the network and find which tcp/udp are open ( you learn to create your own scripts to save the info), in my case I did not have any knowledge of scripts or using grep but I learnt it and I begin to use it more often. Also in another lab they will ask you to enumerate if smtp is vulnerablele to verification, now you begin to look for smtp port open, step by step you begin to build up the skills, at the end you begin to have fun try to hack all the machines.....

You will not feel the time, you will drill it. Take it, I procrastinated too much time this training.

smoofy · May 2012

Ok, so I go for my registration next week and see what is gonna happen. Hope it is at least as good as you guys declare it is cause it is quite expensive but I think it is worth the money. Will share my experiences with you.

the_hutch · May 2012

smoofy wrote: »

cause it is quite expensive but I think it is worth the money.

Relatively speaking...it is not expensive at all. In fact, its one of the cheapest security certification training programs you can find. Plus reputation has it, the lab environment is exponentially better than most other training programs. I spent $1899 on a CEH certification training program and the labs were terrible. And I just spent $3899 on my CISSP bootcamp...for 4 days of content. I haven't taken OSCP (I plan to after CISSP in August) but I can already tell you that it is well worth the money.

j-cert-man · May 2012

Hi all,
I decide to post this here rather than create a new thread. Let me know if you want me to move this to it's own thread!

I bought the PwB material and lab access in July 2011, but did not get started for work reasons. Work isn't a problem anymore and I've started again and I will keep working on this - I won't quit this time!!! SO far:
* I have watched all the videos once and realised how much there is to it! So changed my approoach
* I spent 2 weeks watching cbtnuggets (24hr access) on Linux to understand more about the file system, privileges and bash scripting
* This worked and I feel confident about the entry level modules 1 to 5
* I am trying to work through Module 6 - Buffer Overflows. Again I was in over my head, so I've spent a week on securitytube dot net watching Viveks ASM Primer and I feel better on this topic
* I think I'm going to have to keep doing this on lots of topics ... Python for example
* I plan on going through the lab workbook and videos in more detail before buying a chunk of lab time

I am an experienced Network Engineer 8 yrs - CCNP, CCSP and am trying to move into Cyber-Security, specifically pen-testing. I know Networks, Firewalls and VPN's. I also know IDS/IPS's. It feels a bit strange to be starting again ... here's my question:

Anyone want to study together - we can motivate and make sure our heads don't drop.

I know I have lots to learn. Cheers

J

smoofy · May 2012

There is always lots to learn

. I just made up my mind and registered for course today and should start on next sunday so we can exchange some ideas afterwards should you like.

impelse · May 2012

I am stuck looking for exploit for the lab, modifying other people exploit.....

smoofy · May 2012

Registration done, payment approved and can not wait till I start. If it is not as good as you said I gonna be haunting in your dreams you lot

It is a pitty that I could not start this sunday!

ipchain · May 2012

impelse wrote: »

I am stuck looking for exploit for the lab, modifying other people exploit.....

Sorry to hear that. What seems to be the problem? Feel free to PM me on IRC...my nick is same there.

ipchain · May 2012

smoofy wrote: »

Registration done, payment approved and can not wait till I start. If it is not as good as you said I gonna be haunting in your dreams you lot It is a pitty that I could not start this sunday!

Awesome. Good luck with the course - I am sure you will have tons of fun!

YuckTheFankees · May 2012

How's everyone doing with the course?

smoofy · June 2012

I am going slowly but surely. Great course indeed I have learned so much stuff already a I still do not know nothing and what is the best the course makes you to step aside and study plenty of side topics pretty deep as well. I think that once one finishes the course he keeps continue to study as a great hobby and fun. I love it so far.

the_Grinch · June 2012

Might definitely take this course after I finish Python...

YuckTheFankees · June 2012

I've pretty much decided against pentesting as a career but my heart still wants to try this course.

impelse · June 2012

My case is the same, I am moving very slow, I will add another 60 days

JDMurray · June 2012

YuckTheFankees wrote: »

I've pretty much decided against pentesting as a career but my heart still wants to try this course.

It's one of many skills worth having experience with for most technical InfoSec professionals. You may not be doing pen testing for a living, but you may work with pen testers, and you will better understand how they do their job.

impelse · June 2012

It is right, I got an interview and got a job offer, just to mention this training and how difficult is and some times I study very slow because we need to learns the details (they knew about this training) and how to apply it.

At the end I feel I am getting some experience with the same machines, lol

YuckTheFankees · June 2012

Impelse, did you obtain a security position?

smoofy · June 2012

I decided to provide little update on my progress. I have managed to get to Win and linux exploitation so far and right now I am studiing Art of Assembly Language. I am literally drowning in studiing materials and, as I call it, sidequests

Have not seen the lab guide nor lab itself for while now even though I still study. I have 14 days left and I hope a manage to do all the lab exercises so I do not need to extend it but there is still too much to learn. But as somebody said before, it is definitely worth it!

ipchain · June 2012

Anyone else in for PWB / OSCP? If so, what's your status? I am currently taking OSCE

the_hutch · June 2012

i'm taking the_grinch's lead and going to take SPSE (SecurityTube Python Scripting Expert) first. Should be working on OSCP before the end of the year. How is OSCE going? Is it brutal? And is it just more advanced techniques or does it cover different topics?

YuckTheFankees · June 2012

SPSE would be a good choice before the OSCP. I know one guy who has passed it and he said it was the most challenging test/cert/class he has ever done.

the_hutch · June 2012

YuckTheFankees wrote: »

I know one guy who has passed it and he said it was the most challenging test/cert/class he has ever done.

Are you referring to OSCP or SPSE?

YuckTheFankees · June 2012

Sorry about that, I was referring to the OSCE.

the_hutch · June 2012

Oh yeah...I have no doubt that OSCE is a beast. I don't know anyone who has it.

nicklauscombs · June 2012

i have once again picked up 30 days of lab time to hopefully finish out this exam. it's actually refreshing to spend 60 days in the lab and come back a few months later and jump in again.

YuckTheFankees · August 2012

any updates?

I officially bought the OSCP course, starting the 12th. Do they grant access to the lab guide and video's before the start date (I know I can't use the actual lab until then)?

** I emailed them asking if I could start sooner and I just received an email stating I'm starting on the 5th

Quantumstate · August 2012

I've never seen any employers asking for the OSCP. I know it is a prize, but it only seems to be valued in the blackhat community.

YuckTheFankees · August 2012

The way I see it; I've never heard one negative remark about the course and the employers that need to know about the course, usually know about it.

ipchain · August 2012

YuckTheFankees wrote: »

I officially bought the OSCP course, starting the 12th. Do they grant access to the lab guide and video's before the start date (I know I can't use the actual lab until then)?

** I emailed them asking if I could start sooner and I just received an email stating I'm starting on the 5th

Awesome, best of luck! Keep us posted on your progress, will you?

Killj0y · August 2012

Good luck to all taking the OffSec course. It will be a fun, painful ride. Side Note: I agree with YuckTheFankees. Every Sec meeting group or conference I go to, the OffSec courses get a lot of respect and praise. I think the word is getting out. If HR could look past CISSP, I think it would get more praise however.

Calling all Penetration Testing with BackTrack (PWB)/OSCP students!

Comments