Home
Passing OSCP
30 March 2019Last September I wrote about my first attempt at the OSCP exam. My goal was to complete the certification by the end of 2018 and today I’m writing about the process I used that helped me pass on my second attempt. Rather than buy more lab time, I decided to use the Hack the Box platform to prepare.
What follows is the process I used to prepare, a few lessons learned, the tools I found most useful, and some thoughts on the new proctored exam format.
Continue reading...Thoughts on OSCP
23 September 2018About six months back I took my first stab at earning my Offensive Security Certified Professional certification, or OSCP. I failed hard on my first go, and as I prepare to prep for the exam again I wanted to document some lessons learned from my first attempt.
Offensive Security’s training program is Penetration Testing with Kali which offers a lab environment of 50 machines for you to exploit. It is undoubtedly one of the most challenging goals I’ve pursued, and its also been one of the most rewarding. Even after failing my first try on the exam, the lessons I learned in the labs paid dividends immediately. OSCP focuses on getting hands on with the material. You have to be able to demonstrate the ability to compromise computers in order to pass, and successfully passing is a strong indicator of your ability to adapt to new environments and solve unfamiliar problems in a short period of time.
Continue reading...Becoming a Technical Ninja
27 August 2018Some time ago a friend showed me Talos Intelligence Group’s blog post How do I become a Ninja?. It’s a great reference if you are already familiar with exploitation basics, but if you’re just getting started, it doesn’t provide much in the way of direction, which can be super frustrating for someone looking to learn.
I wanted to build a guide from start to finish on how to work through these exercises for someone who’s looking to get into the security field.
Continue reading...