OSCP

I know there was a thread on this previously and even a study group but it sort of fizzled out, possibly because people were approaching from different levels and theres potentially an awful lot of material to cover even in the prep-stage.

I got a tax rebate back in Septermber and decided to use this sudden free money to bite the bullet and pay for this course. I have my voucher now but havn't redeemed it yet as I am still just in preparation mode.

I thought a few people might be interested in what I have done/am doing.

First off, I've been a security consultant, doing Pen Testing among other things for over a decade. I have completed both SANS GPEN and GWAPT courses and exams. Despite that, as part of my prep I am learning things almost every day.

Discussing the course and prep work with some friends it seem most used a Kali VM as their test bed so as to mirror the coursework. My original plan had been to use Debian desktop, kali being based on debian, but the overheads in configuring things became something of an issue. So I again, bit the bullet and as of today bought a brand new Lenovo ThinkCentre with 1TB hard drive which will run the Kali VM and should have ample room for wordlists, exploits etc.

I bought a desk in March and my desktop, first time Ive had a proper desktop since I was about 18, is set up. I'll SSH into the Kali VM for training and testing.

I've been using BurpSuite for years sometimes with the full pro license, however the new release of the community edition has added many features and probably what I will stick with. Also, Port Swigger have added labs to their website for demonstrating various exploits for free, so its a good resource for testing some methodologies.

Lastly, I signed up to Hack the Box, which is a number of free hackable VMs. You have to hack the login page to get access so after completing that after many hours I got root on my first Linux machine which I was pleased with