OSCP Study

syklops

rreimao wrote: »

I'm also preparing for OSCP. I will DM you guys.

I'm currently doing the lab.pentestit.ru, does anyone know if it's harder/easier than the OCSP?
Some of the labs on the pentestit.ru are insane. Not for being hard, but for being things that I would never imagine (like port knocking).

A pentester I hold in the highest regard spent 3 months on pentestit.ru and then failed the OSCP exam. The OSCP mantra is "Try Harder". With that kind of mentality behind it, I suppose it can't be difficult enough. Hopefully its a bit harder than the OSCP test environment.

Roottoor

I am also tackling the OSCP, wondering can I get added to the group. Thanks

moneymad

Anyone one of you take the exam yet?
I've started my studying today.

Keyzer

I'm binning the Slack group next Monday due to lack of activity - anyone else wants to become Admin let me know.

Keyzer

Keyzer wrote: »

I'm binning the Slack group next Monday due to lack of activity - anyone else wants to become Admin let me know.

To be honest the boards thread is probably enough if people have questions. Slack and IRC for things like this can serve as more of a distraction than anything.

moneymad

I'm signing up this Monday for the 90 days lab access, course starts FEB 12th.
I came across a very good thread on techexams called oscp-jollyfrogs-tale.

moneymad

Dear ######,

We are happy to inform you that you have reserved a seat for the Offensive Security Penetration Testing with Kali Linux (PWK) online course starting on Sun, 29 Jan 2017, 00:00 (Europe/Dublin). Your seat will be confirmed and scheduled after payment has been received.

I'm really looking forward to this challenge.

Best of luck moneymad, I need to get back to doing this myself. Working a full time job in forensics doesn't make it easy

Kur4mA

So did anyone actually get their OSCP certification yet?

I'm going to brush up on my coding/scripting at the moment reading Automate the Boring Stuff with Python and doing all of the exercises, then creating a few handy scripts based on what I learn. After that, I plan to get back to doing some VM's from VulnHub and reading as much of the recommended reading material given by jollyfrogs on techexams. His path to the OSCP was linked above and has lots of great detail. His reading material is fairly exhaustive as he says and might have been insanely over the top but I've already read a fair few of them on my travels.

I spent the most interesting part of my degree in college using Kali and learning a ton, but never stuck to my plan of going after the OSCP. I plan to get cracking on it later in the year, all going to plan.

moneymad

Deleted User wrote: »

Best of luck moneymad, I need to get back to doing this myself. Working a full time job in forensics doesn't make it easy

Thanks Niall. I know the feeling very well. Forensics would be very interesting.

moneymad

Kur4mA, Ya, scripting is a massive part of it. The amount of reading material is sickening. Jollyfrogs approach to obtaining the cert was brilliant.

Kur4mA

moneymad wrote: »

Kur4mA, Ya, scripting is a massive part of it. The amount of reading material is sickening. Jollyfrogs approach to obtaining the cert was brilliant.

Very clever approach but just that reading material alone is a massive undertaking, lol. Hopefully the missus doesn't disown me!

moneymad

Nearly one week into the course and I spent the whole week learning bash scripting.
So far I've automated the creation of a folder structure for each live host along with nmap scan results copied into each hosts folder.
150 lines of bash , christ
Next onto service enumeration. Another week of that id say.

moneymad

Hi, took the exam yesterday at 3pm and finished today at 3pm. I managed to only get 25 points out of 100.

This cert is deadly lads. I've added more lab time and i'm going for it again in a few weeks.
Anyone thinking of doing this cert I would say go for it. It's very enjoyable and you learn so much cool stuff.

moneymad

Took the exam again last week and failed with around 45%.
I have to wait 2 weeks before i can book it again.

timmywex

Keep trucking, identify what you're missing or areas that you need to brush up on and really concentrate on them. Sometimes a bit of luck helps you along the way too!

moneymad

moneymad wrote: »

Took the exam again last week and failed with around 45%.
I have to wait 2 weeks before i can book it again.

I wouldnt rush into another attempt. Identify the areas you didn't do well in and brush up on them. Maybe your technique needs streamlining.

Chin up. Theres a reason its one of the most difficult exams out there, and theres a reason for the respect it commands once you get it.

Edit: I've said this before but one of my friends who I reckon is one of the best hackers in Ireland did the OSCP and failed on the first attempt.

moneymad

Rock solid advice lads. I held off on the quick retake and waited till last week - I was 10 points off a pass.
Nearly there.

moneymad

Failed at my fourth attempt. I'm 2 weeks into a 6 week cooling off period. I'm sitting it again at the beginning of October. My methodology is not working at all.
Moving onto doing vulnhub and metasoloitable VMS as the labs are costing me a fortune since February.

moneymad

Great news. After not giving up I passed it on my sixth attempt on Wednesday. With 20 minutes left I got the last machine to pass.

Keyzer

Well done, you tried harder.

neonman

moneymad wrote: »

Great news. After not giving up I passed it on my sixth attempt on Wednesday. With 20 minutes left I got the last machine to pass.

Well done moneymad, I've been keeping on eye on your journey to get the OSCP cert. Great to see you stuck at it and got it in the end. I plan on doing OSCP next year after I finish my CyberOps cert.

spaceHopper

moneymad wrote: »

Great news. After not giving up I passed it on my sixth attempt on Wednesday. With 20 minutes left I got the last machine to pass.

Any idea how much it cost you in the end?

moneymad

neonman wrote: »

Well done moneymad, I've been keeping on eye on your journey to get the OSCP cert. Great to see you stuck at it and got it in the end. I plan on doing OSCP next year after I finish my CyberOps cert.

Very good Neonman. Thank you. You will have a ball. Cyberops any good? If you have any questions fire away anyway.

moneymad

spaceHopper wrote: »

Any idea how much it cost you in the end?

I paid 1250 roughly for the 3 months lab access which includes an exam attempt.
After the 3 months were up I kept renewing for 30 days at 250 I think it was.
I spent over 2k in total.

becool

moneymad wrote: »

I paid 1250 roughly for the 3 months lab access which includes an exam attempt.
After the 3 months were up I kept renewing for 30 days at 250 I think it was.
I spent over 2k in total.

Hi moneymad, its really worth it at the end. I think its all about the dedications and having the mind set to try harder, its really inspiring. Best of lucky with your new cert.

becool

Is there any one tackling the OSCP soon, I hopping to start the journey really soon, this would be my new year resolution.

It will be more fun to tackle as group, if there anyone to join this journey let me know please, I am based in Dublin 15.

neonman

becool wrote: »

Is there any one tackling the OSCP soon, I hopping to start the journey really soon, this would be my new year resolution.

It will be more fun to tackle as group, if there anyone to join this journey let me know please, I am based in Dublin 15.

I hope to do the OSCP in 2018. I am planning on doing one of the elearnsecurity courses first which is for beginners in the pen testing area to get my feet wet before I dive into the OSCP course.

https://www.elearnsecurity.com/course/penetration_testing_student/

Neon

becool

becool wrote: »

Is there any one tackling the OSCP soon, I hopping to start the journey really soon, this would be my new year resolution.

It will be more fun to tackle as group, if there anyone to join this journey let me know please, I am based in Dublin 15.

Honestly I don't think group learning lends itself to something like the OSCP. There's too much potential material to cover.

It'd maybe be better to practice labs as a group. I've done that with a few friends, but you all need to be on about the same page, having read the material and related material.

rolion

neonman wrote: »

I hope to do the OSCP in 2018. I am planning on doing one of the elearnsecurity courses first which is for beginners in the pen testing area to get my feet wet before I dive into the OSCP course.

https://www.elearnsecurity.com/course/penetration_testing_student/

Neon

Thakns !

That web site certifications looks nice.
I am atracted to the "4 in a box" deal... how does the site,preps/labs stands comared with the real world as is first time i ever heard about these guys !

Good luck