+ Reply to Thread
Results 1 to 6 of 6
  1. Junior Member
    Join Date
    Jul 2015
    Posts
    12

    Certifications
    CCNA R&S, CCNA Sec
    #1

    Default OSCP - where to start?

    Hi, I've decided to take OSCP as far as it is one of the best security certifications on the market.
    However I have a lot of questions that are tormenting me.
    1st : where to start? I can't see any official course (study guide), book or videos to buy.
    2nd: what about the topics? OSCP is covering which security elements?
    3rd: Where can I practice, and How am I supposed to know if I'm ready or not?
    4th: What are the requirements? I have to master Linux, BackTrack and other technologies before starting?
    FYI; I'm holding CCNA R&S, Security and CompTIA Security+
    Reply With Quote Quote  

  2. SS -->
  3. Member
    Join Date
    Jul 2015
    Posts
    59
    #2
    I start in a couple weeks, so YMMV. I'd start using some Google-fu to further answer your questions though.

    1. The study guide is a PDF, Videos, and Exercises from OS that you receive when you start. You also get access to the Lab, if you will, where you practice on a plethora of machine and networks before sitting for the exam. If you are looking to brush up your knowledge there are a number of posts on here and in the tubes to look at.

    2. The OSCP syllabus is publically available.

    3. You can practice with Virtualbox/VMWare with any number of boot to root images, books (I like Georgia Weidmann's Pentesting book), various websites, and other tools. From what I can gather, you are ready when you are ready to dedicate some time to the course. Most people recommend 90 days with 20+ hours a week min.

    4. There are no requirements. Although it is recommended to be comfortable in the linux CLI. Most folks will also say brush up on python/bash and do some cursory studies on x86 buffer overflows.

    Good luck.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    May 2013
    Posts
    1,109

    Certifications
    GWAPT, GSEC, Associate of (ISC)2, C|EH, CCNA:Security, CCNA:R&S, CCENT, Security+, Network+
    #3
    1. The only way to get the official course book and videos is to purchase a package (30/60/90 days) for Penetration Testing with Kali. You could use material for the CEH to prepare but most of that stuff will only help a little. The official course package and researching is how you learn a lot.

    2. The PWK syllabus is available on their website for download.

    3. There are test VMs out there for Penetration Testing and you could also make a vulnerable lab at home. Once you buy the course, you get VPN credentials to their lab for either 30/60/90 days (depending on the package you purchased).

    4. They recommend being comfortable (intermediate level) with Linux and familiarity with scripting. Knowing tools on Kali is not a requirement but of course it helps. The course is not with Backtrack it is with Kali...BT was replaced around 2 years ago.

    Those certifications will help in your knowledge of how networks interact, however you compromise systems/applications...not network devices in the course.

    I would also google hints on taking the OSCP or look at the review section on their website as many people have said what helped them stay organized during the labs through the exam.
    Last edited by TechGuru80; 08-11-2015 at 03:03 AM.
    Reply With Quote Quote  

  5. Junior Member
    Join Date
    Jul 2015
    Posts
    12

    Certifications
    CCNA R&S, CCNA Sec
    #4
    I think that CEH is a necessaty to have an idea about the penetration world.
    I've read that its level is intermediate, comparing to OSCP's, which is advanced.
    What about taking a look and passing the CEH before dealing with OSCP.
    I see that CEH study materials are all over the net (study guide / books to buy / Free videos) ..
    What do you think? Am I going to lost time or is it a good idea?
    Reply With Quote Quote  

  6. Member
    Join Date
    Sep 2014
    Posts
    38

    Certifications
    CISSP, OSCP, CEH
    #5
    I don't see the CEH as a necessity at all. Yes, it gives you familiarity with some of the tools but isn't in the same league, to be honest. Review the syllabus for the OSCP online and then use google or one of the CEH books to get comfortable with the topics.
    Last edited by griffondg; 08-11-2015 at 12:21 PM.
    Reply With Quote Quote  

  7. Senior Member MrAgent's Avatar
    Join Date
    Oct 2010
    Location
    Northern Virginia
    Posts
    1,283

    Certifications
    Sec+, MCP, MCSA 2003, MCTS, MCITP:VA, VCP5, MCSA 2012, MCSE Private Cloud, MCSE Server Infrastructure, C|EHv7, RHCSA, OSCP, GCIH, OSWP
    #6
    Read some reviews and go over their syllabus to get a better idea.
    2016 Goals: GCIH, OSWP - DONE!
    My OSCP review http://www.jasonbernier.com/oscp-review/
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks