+ Reply to Thread
Page 5 of 5 First 12345
Results 101 to 120 of 120
  1. Senior Member
    Join Date
    Apr 2014
    Posts
    160
    #101
    Quote Originally Posted by gui4life View Post
    If i'm done with that module exercise - I should be okay to use 64bit Kali 2.0?
    well the thing is that you should expect Buffer Overflow in your exam, that is clearly why Offsec is providing a PWK dedicated Kali VM.. I'd say if you're using an hypervisor just install both so you're safe.. Though i'd follow the OffSec rules..
    Reply With Quote Quote  

  2. SS -->
  3. Junior Member Registered Member
    Join Date
    Dec 2015
    Posts
    2
    #102
    Gracias for the thread, JF. Excellent read.
    Reply With Quote Quote  

  4. Junior Member Registered Member
    Join Date
    Jan 2016
    Posts
    1
    #103
    Really great thread Jolly!

    Did you do full UDP scans (ports 0-65535) on every box you could in the lab environment with nmap, and what sort of speeds to you get over the VPN connection?
    Reply With Quote Quote  

  5. Member
    Join Date
    Oct 2014
    Location
    Detroit, MI
    Posts
    66

    Certifications
    A+, Network+, PC\Network Pro, Word 2010
    #104
    Pm'd you Jollyfrogs! Great thread!
    Reply With Quote Quote  

  6. Junior Member
    Join Date
    Mar 2015
    Location
    North VA, USA
    Posts
    17

    Certifications
    CEH, MCDBA, OCP 10g, 11g
    #105
    I don't think there is any need to do anything more than nmap --top-ports for UDP. As a test, try installing nmap on your windows vm so that you can run nmap locally, inside the lab. Some of the linux boxes in the lab already have nmap. As far as I know doing a UDP scan of all ports is always going to take FOREVER.
    Reply With Quote Quote  

  7. Junior Member
    Join Date
    Jun 2012
    Location
    A wonderful cardboard box
    Posts
    22

    Certifications
    Security+, CCNA, ITILv3 Foundation, Project+, CISSP, C|EHv8
    #106
    Congrats!!
    Reply With Quote Quote  

  8. Junior Member
    Join Date
    May 2016
    Posts
    7
    #107
    Hi Jollyfrogs,

    Would you mind if I request for the Jollykatz? Seems like the link to it is not working.

    Cheers!
    Reply With Quote Quote  

  9. Junior Member
    Join Date
    May 2016
    Posts
    7
    #108
    Like all of you guys, I finally saved for the OSCP course and I really want to pass it.
    Reply With Quote Quote  

  10. Darth Lord of the Sith ITSpectre's Avatar
    Join Date
    May 2016
    Location
    The Normandy/ DMV
    Posts
    965

    Certifications
    Sec+, MTA, MCP
    #109
    CONGRATS JOLLY!!!! Im going to use this thread when im ready for the OSCP!
    In the darkest hour, there is always a way out - Eve ME3
    “The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
    Reply With Quote Quote  

  11. Senior Member Mooseboost's Avatar
    Join Date
    Jan 2015
    Location
    North Carolina
    Posts
    637

    Certifications
    CCNA: R&S, eJPT, JNCIS-SEC, Adtran(IPBG & IN), Dell Sonicwall CSSA, Dell Sonicwall Email Security, CompTIA Security+, CompTia Network+
    #110
    You know, I have not seen Jolly around in some time. I wonder what they moved on to after owning the OSCP?
    2017 Certification Goals: CISSP [] eCPPT [] OSCP []

    Blog: www.networkingfox.net
    Reply With Quote Quote  

  12. Member
    Join Date
    May 2015
    Posts
    79
    #111
    Quote Originally Posted by Mooseboost View Post
    You know, I have not seen Jolly around in some time. I wonder what they moved on to after owning the OSCP?
    I'm still around but haven't had much time due to work commitments. I'm doing SLAE now, in preparation of OSCE. I posted a new post today on my progress with SLAE
    Reply With Quote Quote  

  13. Senior Member aderon's Avatar
    Join Date
    Jul 2013
    Posts
    369

    Certifications
    B.S. IT - Sec, CCNA Security, CCNA R&S, AWS CSA Associate, CCENT, A+, Net+, Sec+, Proj+, Lin+, LPIC-1, CIW: WFA, CIW: WDS, MTA: OS, MCP
    #112
    This is such a great thread. I'm in the pre-lab prep stage at the moment and have been using this to guide my studies. Thanks for all the useful info!
    2017 Certification/Degree Goals: AWS CSA (Complete), OSCP (In Progress), M.S. Cybersecurity (In Progress)
    2017 Reading Goals: Advanced Bash-Scripting Guide (Completed), Automate the Boring Stuff with Python (In Progress)
    Reply With Quote Quote  

  14. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,322

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, MSISA, BSBA
    #113
    Agreed. I think this thread should be individually sticky'd.
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, BSBA - University of Florida, MSISA - WGU
    Currently Working On: MS Cybersecurity, Learning Python
    Next Up:​ None
    Reading:​ Python Crash Course
    Reply With Quote Quote  

  15. Junior Member
    Join Date
    Dec 2014
    Posts
    8

    Certifications
    CISA, CISSP, SCSA
    #114
    This is a terrific thread. Fantastic contributions from Jolly and everyone!

    I'm awaiting an exam result for an exam sat in early June and then, if I don't need to re-sit it, I'll be prepping for the OSCP with a view to having a first crack at the online exam next June. Work commitments this year mean I'm not getting any holiday time in 2016, but I'm likely to get some quieter time between Xmas/New Year, so I'll be able to ramp the learning up then.

    I'll be seeking to set-up my lab following Jolly's instructions.

    I'm pretty confident with the Linux side. I still have my Perl exploit scripts from pen-testing work performed in the past, but I'll likely convert them to Python. Where I know I am weak is on the Windows stuff, so I'm reading-up on that subject right now.
    Reply With Quote Quote  

  16. Junior Member Registered Member
    Join Date
    Oct 2016
    Posts
    1
    #115
    Great job JollyFrogs. You are truly amazing. I studied a lot too and I hope I'll become OSCP certified as well. I'm currently preparing for ecppt and then after some time I'll try OSCP. Apart from your knowledge and intelligence, what I really liked is your methodology. I can study a lot in short time and I'm very multitasking although I may lose focus quickly, be less organised and more lazy than you. They are some areas I should work on. Indeed sharpening the axe before signing up for the course is a great move. ecppt will give me a good foundation, it's also highly practical and reporting is taken in great consideration as well. After that I plan to do a number of VulnHub machines, especially some of them were recommended because a bit similar to OSCP labs. I read about this in this website I think. I'll also try to make some scripts. ( I already have a couple of them I made in the past). I have a general understanding of networking, but I'm not an expert in this unlike you. I hope it will be enough, as I probably don't have a lot of time to dedicate to this. I already know the theory behind exploit development although I need more practical experience. Then finally I'll sign up for the course.
    Reply With Quote Quote  

  17. Member
    Join Date
    Oct 2016
    Posts
    42
    #116
    This has been a very helpful thread
    Reply With Quote Quote  

  18. Member
    Join Date
    May 2015
    Posts
    79
    #117
    Every once in a while someone emails me, they typically ask if I'm still alive (I am!). After OSCP I've been busy with SLAE and OSCE, and I'm currently studying the SecurityTube Forensics course and the SANS course GXPN, as well as doing research on two (red team) topics.

    I saw the jollykatz files timed out on the original upload location, and TE doesn't allow uploading the zip file (probably because it contains .exe files), so I've uploaded them to this permanent location. The jollykatz_xp is compiled slightly differently, so if the other version doesn't work, the XP version might (specifically on Windows XP service pack 0 machines. The zip file has no password, and I've just scanned all 4 files with Avast and all files are still FUD.

    https://www.jollyfrogs.com/tools/jollykatz.zip

    Please note: jollykatz is just a simple recompilation of the mimikatz tool with the aim to make it FUD. All credit goes to the creator of Mimikatz.
    Reply With Quote Quote  

  19. Senior Member adrenaline19's Avatar
    Join Date
    Dec 2015
    Posts
    248
    #118
    Jolly, you are good people. Keep fighting the good fight.
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    Mar 2017
    Location
    Phoenix, AZ
    Posts
    167

    Certifications
    CISSP, CEH, CCNA Security, CCNA R&S, VCP5-DCV, VCP-Cloud, MCSA 2012, MCSA 2008, MCSA 2003, Security +, Net+, A+
    #119
    Impressive to say the least Jolly.
    Reply With Quote Quote  

  21. Member
    Join Date
    Jan 2017
    Posts
    96
    #120
    Securitytube seems to be a foundation for success with regard to Offensive Security. Definitely will put it apart of my deep study in preparation.
    Reply With Quote Quote  

+ Reply to Thread
Page 5 of 5 First 12345

Social Networking & Bookmarks