+ Reply to Thread
Page 2 of 6 First 12 3456 Last
Results 26 to 50 of 139
  1. Security Advocate MSP-IT's Avatar
    Join Date
    Dec 2012
    Location
    Denver, CO
    Posts
    727

    Certifications
    list index out of range
    #26
    I went through the majority of The Hacker Playbook last week, prior to starting the OSCP. It was great reference and well written. So far, there is almost no overlap in tool recommendations between OSCP and THP. THP has gone over some tools that I'll most likely add to my arsenal alongside those covered in the OSCP material.

    As far as the course goes, the amount of material is quite surprising. I didn't realize that there was that much to work with. I'd say I'm relatively 20-35% of the way through the videos, and 20% of the way through the PDF (printed/bound a copy). As Kim mentioned a quote that I believe will be valuable in approached the exam.

    Give me six hours to chop down a tree and I will spend the first four sharpening the axe.
    - Abraham Lincoln
    I plan on working through both the PDF and videos a few times before I even start attempting the machines in the lab. I'd like to become pretty comfortable at the command line before I get my hands dirty.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,425

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #27
    Quote Originally Posted by MSP-IT View Post
    As far as the course goes, the amount of material is quite surprising. I didn't realize that there was that much to work with.
    Agreed. There is a lot to cover, the course is quite broad for only 360 pages. During some down time at work the other day, I took a peek at the two-page OSCE course syllabus and thought it hadn't downloaded fully. Turns out, OSCE covers far fewer topics, just at a much deeper level.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Oct 2011
    Location
    MKE
    Posts
    956

    Certifications
    CISSP, CCNA, CCDA, MCP, TOGAF Certified
    #28
    I'm gonna be taking my OSCP at the end of next summer after I finish my Adv Network/Web hacking classes at DSU. Let me know how the OSCP compares to the graduate classes your taking/taken.

    -Phil
    Reply With Quote Quote  

  5. Security Advocate MSP-IT's Avatar
    Join Date
    Dec 2012
    Location
    Denver, CO
    Posts
    727

    Certifications
    list index out of range
    #29
    Just got back from a vacation in the Caribbean. I was hoping to get a bit done there, but the ocean and sun took hold and wouldn't let go. Hoping to get quite a bit done this week.
    Reply With Quote Quote  

  6. Security Advocate MSP-IT's Avatar
    Join Date
    Dec 2012
    Location
    Denver, CO
    Posts
    727

    Certifications
    list index out of range
    #30
    I'm not but 2 and a half weeks in and I'm already a bit discouraged. The material isn't overly hard, but it is rough to digest. With the SSCP, CISSP and even the Stanford cert, I felt as though I had enough mental capacity to dive in when I returned home from work every day, but that's not the case with PWK. The depth of the material and the curveballs that are thrown, you really need to be attentive and at the peak of your day's mental capacity to feel comfortable enough to absorb most of the information, and that's almost never the case for me after noon.

    I was also able to study while at work during the other certificates, but my work environment keeps me from being comfortable from even attempting to SSH out of the network to my lab machine, as this course doesn't fall under my line of work. That being said, I'll have to dedicate my weekends and days that I work from home to the course labs, thus keeping my pace quite a bit slower.
    Last edited by MSP-IT; 09-03-2014 at 05:42 PM. Reason: Spelling/grammar
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Oct 2013
    Location
    Washington DC
    Posts
    498

    Certifications
    OSCP, eMAPT, eWPT, CISSP, GPEN, GWAPT, GCIH, GCIA, GSEC, CEH, CNDA, ECSA, CHFI, Sec+, Net+
    #31
    Quote Originally Posted by philz1982 View Post
    I'm gonna be taking my OSCP at the end of next summer after I finish my Adv Network/Web hacking classes at DSU. Let me know how the OSCP compares to the graduate classes your taking/taken.

    -Phil
    No comparison man. I'm currently doing my Masters in InfoSec at Strayer University, and while there are lab activities in most of my PenTesting courses, they mostly consist of following very explicit instructions (type this, click that, etc...). OffSec is gonna make you figure it out yourself. Some university programs may be different...and your mileage may vary, but I have yet to take a course at any university that even comes close to the difficulty of or quality of knowledge acquired by the PWB/PWK course.
    Reply With Quote Quote  

  8. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,354

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, MSISA, BSBA
    #32
    Quote Originally Posted by MSP-IT View Post
    The the depth of the material and the curveballs that are thrown, you really need to be attentive and at the peak of your day's mental capacity to feel comfortable enough to absorb most of the information, and that's almost never the case for me after noon.
    Ugh. That's bad news for me then because I'm the same way as you. My job is easy but just waking up at 5am, the commute to and fro, and thinking while at work, when I get home by 5pm I'm ready to check out mentally. Then my day still continues for the next 3 hours as I play with kids, dinner time, bath time and put them to bed. When it hits 8 I just want to sit in front of the TV and not actively think. I think that's why moving from CISSP/ITIL to CEH was so difficult. CEH material requires more thought and absorbing while the non-technical stuff just came to me naturally and seemed easy to absorb.
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, BSBA - University of Florida, MSISA - WGU
    Currently Working On: MS Cybersecurity, Learning Python
    Next Up:​ None
    Reading:​ Python Crash Course
    Reply With Quote Quote  

  9. Security Advocate MSP-IT's Avatar
    Join Date
    Dec 2012
    Location
    Denver, CO
    Posts
    727

    Certifications
    list index out of range
    #33
    Quote Originally Posted by JoJoCal19 View Post
    Ugh. That's bad news for me then because I'm the same way as you. My job is easy but just waking up at 5am, the commute to and fro, and thinking while at work, when I get home by 5pm I'm ready to check out mentally. Then my day still continues for the next 3 hours as I play with kids, dinner time, bath time and put them to bed. When it hits 8 I just want to sit in front of the TV and not actively think. I think that's why moving from CISSP/ITIL to CEH was so difficult. CEH material requires more thought and absorbing while the non-technical stuff just came to me naturally and seemed easy to absorb.
    It could be different for some people, but I've found that I cannot manage it the same way as other courses I've taken.
    Reply With Quote Quote  

  10. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,354

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, MSISA, BSBA
    #34
    I definitely agree with you as what you said applies to me for sure. But even if other people are different, I think what you said about the material is spot on. Sounds like the OSCP material requires a lot of thinking and active learning outside of the given materials. Far different than reading some pretty straight forward information like the CISSP.
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, BSBA - University of Florida, MSISA - WGU
    Currently Working On: MS Cybersecurity, Learning Python
    Next Up:​ None
    Reading:​ Python Crash Course
    Reply With Quote Quote  

  11. Security Advocate MSP-IT's Avatar
    Join Date
    Dec 2012
    Location
    Denver, CO
    Posts
    727

    Certifications
    list index out of range
    #35
    I think that the difference is actually why the OSCP is viewed as one of the highest tier certifications in the industry.

    The CISSP and other theory-based certifications require more of a understanding of concepts, whereas in PWK and the OSCP, you actively participate and have to learn various things on top of the theory.
    Reply With Quote Quote  

  12. Senior Member si20's Avatar
    Join Date
    May 2014
    Location
    UK
    Posts
    424

    Certifications
    MCDST, MCP, BSc Computer Forensics, MTA: 98-366, OSWP, OSCP, FJSE, ACE, PGCert, Linux+
    #36
    You guys are seriously worrying me about the OSCP I've signed up already. I've got very very little pen-testing experience. In University, we just hacked some Windows 2000 machines using a C file and then did the same but with metasploit. I understand some networking and scanning IP's etc. But have I bitten off more than I can chew with the OSCP? I've literally saved up for months and months to afford the 90 day course.... Judging from what I said, am I in too deep?
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Oct 2013
    Location
    Washington DC
    Posts
    498

    Certifications
    OSCP, eMAPT, eWPT, CISSP, GPEN, GWAPT, GCIH, GCIA, GSEC, CEH, CNDA, ECSA, CHFI, Sec+, Net+
    #37
    Quote Originally Posted by si20 View Post
    You guys are seriously worrying me about the OSCP I've signed up already. I've got very very little pen-testing experience. In University, we just hacked some Windows 2000 machines using a C file and then did the same but with metasploit. I understand some networking and scanning IP's etc. But have I bitten off more than I can chew with the OSCP? I've literally saved up for months and months to afford the 90 day course.... Judging from what I said, am I in too deep?
    No...you're good. Don't start doubting yourself. OSCP is more about relentless determination than anything. If you want it bad enough, you'll be able to bridge the knowledge gaps required to get there.
    Reply With Quote Quote  

  14. Security Advocate MSP-IT's Avatar
    Join Date
    Dec 2012
    Location
    Denver, CO
    Posts
    727

    Certifications
    list index out of range
    #38
    NovaHax is right. I think time and energy (and a baseline of computer knowledge) are really the primary factors when considering the OSCP.
    Reply With Quote Quote  

  15. Security Advocate MSP-IT's Avatar
    Join Date
    Dec 2012
    Location
    Denver, CO
    Posts
    727

    Certifications
    list index out of range
    #39
    Progress
    PDF Guide: 69% Complete
    Videos: 38% Complete
    Lab Exercises: 30% Complete
    Lab Machine Penetration: 0/50 Attempted

    Given my limited ability to connect to the lab machines at work, I've been studying the PDF manual intently. I hope to complete the remainder of the guide by EOD today. I'll continue to re-read through the guide as needed until I have a firm understanding of the basic path in which to proceed. My soft goal is to have the lab exercises complete by 27th of Sept., in which case I can dive into the lab machine penetration tests. I'll give myself roughly a month to work on the machines, which will leave me ~3 weeks in preparation for the exam.
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    Oct 2013
    Location
    Washington DC
    Posts
    498

    Certifications
    OSCP, eMAPT, eWPT, CISSP, GPEN, GWAPT, GCIH, GCIA, GSEC, CEH, CNDA, ECSA, CHFI, Sec+, Net+
    #40
    Lol...I actually got in trouble for setting up a dedicated and unauthorized 4G wireless access point at my office to work on OSCP. Completely forgot about that until you mentioned not having access to them at work.
    Reply With Quote Quote  

  17. Junior Member SCSI_BEAR's Avatar
    Join Date
    Sep 2014
    Location
    Glasgow
    Posts
    7

    Certifications
    CCNA, MCDST,ISTQB,C|EH,SMFE
    #41
    Hi Folks,

    I thought I would join this forum and see how everybody is getting on with the OSCP course. I have recently signed up for the course and an hoping to be able bounce a few ideas, suggestions about gaining access to some of the boxes, looking for some hints or tips basically but no walkthroughs.

    Is that something that is possible in this forum ?
    Reply With Quote Quote  

  18. Security Advocate MSP-IT's Avatar
    Join Date
    Dec 2012
    Location
    Denver, CO
    Posts
    727

    Certifications
    list index out of range
    #42
    Quote Originally Posted by NovaHax View Post
    Lol...I actually got in trouble for setting up a dedicated and unauthorized 4G wireless access point at my office to work on OSCP. Completely forgot about that until you mentioned not having access to them at work.
    I would just assume that'd be frowned upon. Given my organization, I'd probably be let go almost immediately.
    Reply With Quote Quote  

  19. Security Advocate MSP-IT's Avatar
    Join Date
    Dec 2012
    Location
    Denver, CO
    Posts
    727

    Certifications
    list index out of range
    #43
    Quote Originally Posted by SCSI_BEAR View Post
    Hi Folks,

    I thought I would join this forum and see how everybody is getting on with the OSCP course. I have recently signed up for the course and an hoping to be able bounce a few ideas, suggestions about gaining access to some of the boxes, looking for some hints or tips basically but no walkthroughs.

    Is that something that is possible in this forum ?
    There are quite a few of us going through it currently (3-5?). I'm sure we could we could help each other's through process on the boxes. As for myself, I haven't started on the lab machines yet, but I hope to take a deep dive in the next few weeks.
    Reply With Quote Quote  

  20. Senior Member si20's Avatar
    Join Date
    May 2014
    Location
    UK
    Posts
    424

    Certifications
    MCDST, MCP, BSc Computer Forensics, MTA: 98-366, OSWP, OSCP, FJSE, ACE, PGCert, Linux+
    #44
    I think it'd be a fantastic idea for us all to help each other. I'm not saying give each other the answers - of course not, but I am saying let's learn together. Why isn't something working? Did you try X, Y, Z? Why not? etc. I've recently found out i'm moving onto shift work which is a game changer when it comes to the OSCP. I'm going to have to work hard on my days off and on my work days I wont be able to do any.
    Reply With Quote Quote  

  21. Senior Member
    Join Date
    Oct 2012
    Location
    Lexington, KY
    Posts
    534

    Certifications
    CISSP, GMON
    #45
    If you are not on the IRC channel for offsec, then you should join - lots of great info, along with plenty of Try Harder.
    Reply With Quote Quote  

  22. Senior Member MrAgent's Avatar
    Join Date
    Oct 2010
    Location
    Northern Virginia
    Posts
    1,284

    Certifications
    Sec+, MCP, MCSA 2003, MCTS, MCITP:VA, VCP5, MCSA 2012, MCSE Private Cloud, MCSE Server Infrastructure, C|EHv7, RHCSA, OSCP, GCIH, OSWP
    #46
    I'm idling in the chat now. I start my class Saturday. I am pretty excited to start!
    2016 Goals: GCIH, OSWP - DONE!
    My OSCP review http://www.jasonbernier.com/oscp-review/
    Reply With Quote Quote  

  23. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,354

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, MSISA, BSBA
    #47
    Quote Originally Posted by NovaHax View Post
    Lol...I actually got in trouble for setting up a dedicated and unauthorized 4G wireless access point at my office to work on OSCP. Completely forgot about that until you mentioned not having access to them at work.
    Why not just use your cellphone as a personal hotspot?
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, BSBA - University of Florida, MSISA - WGU
    Currently Working On: MS Cybersecurity, Learning Python
    Next Up:​ None
    Reading:​ Python Crash Course
    Reply With Quote Quote  

  24. Junior Member SCSI_BEAR's Avatar
    Join Date
    Sep 2014
    Location
    Glasgow
    Posts
    7

    Certifications
    CCNA, MCDST,ISTQB,C|EH,SMFE
    #48
    Progress
    PDF Guide: 85% Complete
    Videos: 80% Complete
    Lab Exercises: 80% Complete
    Lab Machine Penetration: 10/50 Attempted
    Lab Machine Penetration: 9/50 PWNED

    I thought I would include my status so far, good idea that MSP-IT. I find it difficult to gauge the course, I love the course and I love the challenge it presents but it would be nice to have some helpful info besides TRY HARDER. Not sure what the rules are on the forum regarding publishing what boxes you have compromised and how that was done, but I a more than happy to share my experience on what I have been able to accomplish so far and also help where possible.

    Also I am based in Scotland, so any replies to posts might be that quick due to time difference (and the fact i have to tear myself away from the labs, they can be addictive)
    Reply With Quote Quote  

  25. Junior Member
    Join Date
    Jul 2014
    Location
    UK
    Posts
    15

    Certifications
    None currently :o
    #49
    Quote Originally Posted by SCSI_BEAR View Post
    Progress
    PDF Guide: 85% Complete
    Videos: 80% Complete
    Lab Exercises: 80% Complete
    Lab Machine Penetration: 10/50 Attempted
    Lab Machine Penetration: 9/50 PWNED

    I thought I would include my status so far, good idea that MSP-IT. I find it difficult to gauge the course, I love the course and I love the challenge it presents but it would be nice to have some helpful info besides TRY HARDER. Not sure what the rules are on the forum regarding publishing what boxes you have compromised and how that was done, but I a more than happy to share my experience on what I have been able to accomplish so far and also help where possible.

    Also I am based in Scotland, so any replies to posts might be that quick due to time difference (and the fact i have to tear myself away from the labs, they can be addictive)
    I'm unable to PM you due to 'SCSI_BEAR has chosen not to receive private messages or may not be allowed to receive private messages. Therefore you may not send your message to him/her.', is there another method of contact for yourself?
    Last edited by Preflux; 09-12-2014 at 05:18 PM.
    Reply With Quote Quote  

  26. Security Advocate MSP-IT's Avatar
    Join Date
    Dec 2012
    Location
    Denver, CO
    Posts
    727

    Certifications
    list index out of range
    #50
    I'd like to start a group as well.
    Reply With Quote Quote  

+ Reply to Thread
Page 2 of 6 First 12 3456 Last

Social Networking & Bookmarks