+ Reply to Thread
Page 3 of 4 First 123 4 Last
Results 51 to 75 of 90
  1. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,322

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, MSISA, BSBA
    #51
    Awesome!
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, BSBA - University of Florida, MSISA - WGU
    Currently Working On: MS Cybersecurity, Learning Python
    Next Up:​ None
    Reading:​ Python Crash Course
    Reply With Quote Quote  

  2. SS -->
  3. Member
    Join Date
    Jan 2017
    Posts
    96
    #52
    Its really fun following the journey.
    Reply With Quote Quote  

  4. Junior Member
    Join Date
    Jun 2016
    Location
    Italy
    Posts
    6

    Certifications
    CISA, LA ISO 27001, LA ISO 22301, eCPPT, OCAJP, OCPJP
    #53
    Quote Originally Posted by McxRisley View Post
    Join the TechExams discord channel at https://discord.gg/AQwaeGf

    The channel is growing nicely and there are lots of good resources listed along with current students who can help nudge you in the right direction if you need it.
    Hi, you're doing a great job there. Congrats.

    If allowed, I'd like to join the channel (I'm currently doing some pre-course training but I plan to start PWK within a couple of months).
    Clicking on the above link I get an invite not valid/expired message.
    Thanks
    Reply With Quote Quote  

  5. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    153

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CASP, C|EH, OSCP
    #54
    Hey guys, It's been awhile but I am back with another update! at This point I am sitting on 44 hosts, inlcuding all but one from the pub network and the entire admin network. This is what my new goal was and I am happy to have made it this far. I havent been doing much attacking this last week as I have been writting my report and getting it all ready to turn in after my exam. I have also moved my exam date up to this Sunday and will begin at 11 am my time. Also I took and passed the CEH yesterday, what a joke..... anyways back to things that are relevant. This will most likely be my last update until after my exam. After my exam I will come back and give additional insight and info about my progress in the labs and on the exam.
    Reply With Quote Quote  

  6. Senior Member supasecuritybro's Avatar
    Join Date
    Jul 2015
    Location
    Miami, FL
    Posts
    152

    Certifications
    CISSP, GPEN, eJPT, CSA+
    #55
    Quote Originally Posted by McxRisley View Post
    Hey guys, It's been awhile but I am back with another update! at This point I am sitting on 44 hosts, inlcuding all but one from the pub network and the entire admin network. This is what my new goal was and I am happy to have made it this far. I havent been doing much attacking this last week as I have been writting my report and getting it all ready to turn in after my exam. I have also moved my exam date up to this Sunday and will begin at 11 am my time. Also I took and passed the CEH yesterday, what a joke..... anyways back to things that are relevant. This will most likely be my last update until after my exam. After my exam I will come back and give additional insight and info about my progress in the labs and on the exam.

    YEah that C|EH is a joke. Way to GO! Best wishes and get it done!
    Completed: CISSP, GPEN, eJPT, CSA+, M.S. Information Security
    Current Goal: eCPPT
    Five Year Plan:​ RHCSA, CISM, OSCP, GSEC, GCIA, GCIH, GMON, GWAPT, GSE
    Book/CBT/Study Material:​ Web Application Video Course Cybrary
    Reply With Quote Quote  

  7. There is no spoon. p@r0tuXus's Avatar
    Join Date
    Nov 2016
    Location
    KCMO
    Posts
    515

    Certifications
    ITIL-F, A+, S+, CCNA
    #56
    I've enjoyed your thread, I wish you success and can't wait to see that "Passed!" post coming up.
    Reply With Quote Quote  

  8. California Kid JoJoCal19's Avatar
    Join Date
    Mar 2009
    Location
    Jacksonville, FL
    Posts
    2,322

    Certifications
    CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, MSISA, BSBA
    #57
    Good luck on the exam!
    Have: CISSP, CISM, CISA, CRISC, GCIA, GSEC, CEHv8, CHFIv8, ITIL-F, BSBA - University of Florida, MSISA - WGU
    Currently Working On: MS Cybersecurity, Learning Python
    Next Up:​ None
    Reading:​ Python Crash Course
    Reply With Quote Quote  

  9. Junior Member Registered Member
    Join Date
    Feb 2017
    Posts
    3

    Certifications
    A+, ACMT(Apple), Security+, ACE (Palo Alto), PPT (pen testing cert).
    #58

    Default I signed up just to say thank you!

    Quote Originally Posted by McxRisley View Post
    Hey guys, It's been awhile but I am back with another update! at This point I am sitting on 44 hosts, inlcuding all but one from the pub network and the entire admin network. This is what my new goal was and I am happy to have made it this far. I havent been doing much attacking this last week as I have been writting my report and getting it all ready to turn in after my exam. I have also moved my exam date up to this Sunday and will begin at 11 am my time. Also I took and passed the CEH yesterday, what a joke..... anyways back to things that are relevant. This will most likely be my last update until after my exam. After my exam I will come back and give additional insight and info about my progress in the labs and on the exam.

    McxRisley, Thank you for all the updates on this. You have no idea how much this helps me. I feel more confident now.

    Thank you!
    Reply With Quote Quote  

  10. Member
    Join Date
    Jan 2017
    Posts
    96
    #59
    Good luck!
    So motivated and looking forward to taking the course!
    Reply With Quote Quote  

  11. Senior Member Mooseboost's Avatar
    Join Date
    Jan 2015
    Location
    North Carolina
    Posts
    637

    Certifications
    CCNA: R&S, eJPT, JNCIS-SEC, Adtran(IPBG & IN), Dell Sonicwall CSSA, Dell Sonicwall Email Security, CompTIA Security+, CompTia Network+
    #60
    Looking forward to reading about your pass soon.
    2017 Certification Goals: CISSP [] eCPPT [] OSCP []

    Blog: www.networkingfox.net
    Reply With Quote Quote  

  12. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    153

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CASP, C|EH, OSCP
    #61
    Well......... I've been up for a day and a half. I sat through the whole exam with minimal breaks and no sleep. It took me 22 and a half hours to finally reach the 75 point mark not including the points for my lab report and exercises. All in all that was one tough exam. I spent the better part of 12 hours completely stumped but in my final hours I pulled through. I will elaborate more when I have had some sleep. It feels good to be at the end of this journey.....for now.
    Reply With Quote Quote  

  13. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,569

    Certifications
    SilentBreakSecurity - DarkSideOps, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , C|EH , PA ACE
    #62
    Wow! so all in all this journey has taken you almost 3 months! that is pretty quick! I hope you get that well deserved pass, looks like you were beasting through hours and hours of study.
    2017 Goals: Dark Side OPS: Custom Pentesting (complete), eCPPT (in progress), LFCS (in progress), OSCP
    Reply With Quote Quote  

  14. There is no spoon. p@r0tuXus's Avatar
    Join Date
    Nov 2016
    Location
    KCMO
    Posts
    515

    Certifications
    ITIL-F, A+, S+, CCNA
    #63
    Quote Originally Posted by chrisone View Post
    Wow! so all in all this journey has taken you almost 3 months! that is pretty quick! I hope you get that well deserved pass, looks like you were beasting through hours and hours of study.
    He has some threads dating back to May of 2016 signalling the prep for this exam. It was no doubt hard work and dedication to do everything needed to get to this monumental point of tribulation. Surely, with all the work and lab-time, he nailed it. Also, I noticed he's taking his exam with 2-3 weeks to spare in case he needs to re-take the exam... I'm assuming.

    Excited to get to tackle this too, but I'm just on the outset of his own timeline and always watching for these OSCP threads. They're exciting!
    Reply With Quote Quote  

  15. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,569

    Certifications
    SilentBreakSecurity - DarkSideOps, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , C|EH , PA ACE
    #64
    I hope I can complete OSCP within 3 months, after I finish eCPPT. I start OSCP in April and want to have both eCPPT and OSCP completed before blackhat where I will be taking Darkside Ops Custom pentesting course. Hopefully eCPPT is good enough prep/pre work that will help me finish within 3 months
    2017 Goals: Dark Side OPS: Custom Pentesting (complete), eCPPT (in progress), LFCS (in progress), OSCP
    Reply With Quote Quote  

  16. There is no spoon. p@r0tuXus's Avatar
    Join Date
    Nov 2016
    Location
    KCMO
    Posts
    515

    Certifications
    ITIL-F, A+, S+, CCNA
    #65
    Quote Originally Posted by chrisone View Post
    I hope I can complete OSCP within 3 months, after I finish eCPPT. I start OSCP in April and want to have both eCPPT and OSCP completed before blackhat where I will be taking Darkside Ops Custom pentesting course. Hopefully eCPPT is good enough prep/pre work that will help me finish within 3 months
    How is your experience with the eCPPT course? I was considering that as well and had hoped there were more videos/labs than slides, based on the ejpt course I'm doing now.
    Reply With Quote Quote  

  17. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,569

    Certifications
    SilentBreakSecurity - DarkSideOps, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , C|EH , PA ACE
    #66
    I think eCPPT is good. I had taken PTPv2 back in 2013 and failed the exam. I was under a lot of pressure at the time working on a Nexus Data Center core replacement and my career was strictly network engineering. Now I am fully security dedicated and I came back to finish the job with eCPPT lolThe information is good, the slide format has big text and it seems like the slides only use 40% of the browser real-estate. That combination causes the user to click through loads of slides and clicking back and forth to cross reference topics is a pain. I highly enjoyed the Systems module. Going through Architecture fundamentals, Assembly language, Debuggers, buffer overflows, shellcodes was interesting. I had to go over the systems module twice in order to get those concepts. That is after going through it back in 2013, which obviously to be fair, I don't remember much from back then. I think most people would get a little frustrated or find that module hard, but at the end of the day I feel good somewhat being able to understand it. I think the only things that will translate or help me with OSCP would be the Networking module and bufferover flow/shellcode topics from elearn. Many say OSCP does not entertain web pentesting topics like elearnsecurity does. So when I tackle OSCP I am hoping to progress well knowing I don't have to focus on XSS, SQL Injections, etc. nevermind I stand corrected

    OSCP HOLDERS CAN

    Use multiple information gathering techniques to identify and enumerate targets running various operating systems and services.
    Write basic scripts and tools to aid in the penetration testing process.
    Analyze, correct, modify, cross-compile, and port public exploit code.
    Successfully conduct both remote and client side attacks.
    Identify and exploit XSS, SQL injection, and file inclusion vulnerabilities in web applications.
    Deploy tunneling techniques to bypass firewalls.
    Demonstrate creative problem solving and lateral thinking
    Last edited by chrisone; 02-28-2017 at 08:25 PM.
    2017 Goals: Dark Side OPS: Custom Pentesting (complete), eCPPT (in progress), LFCS (in progress), OSCP
    Reply With Quote Quote  

  18. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    153

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CASP, C|EH, OSCP
    #67
    Those people who said that the OSCP does not contain web pentesting topics are wrong lol. It does in fact have web pentesting topics and A LOT of the labs are web app based.
    Reply With Quote Quote  

  19. Senior Member
    Join Date
    Jul 2015
    Location
    Island on the other side of Pacific pond
    Posts
    942

    Certifications
    C****, C***, C**
    #68
    Wow! Impressive! I look forward to your review.

    OSCP is still on my to-do list, but I want to do eCPPT first.
    Reply With Quote Quote  

  20. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,569

    Certifications
    SilentBreakSecurity - DarkSideOps, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , C|EH , PA ACE
    #69
    Quote Originally Posted by McxRisley View Post
    Those people who said that the OSCP does not contain web pentesting topics are wrong lol. It does in fact have web pentesting topics and A LOT of the labs are web app based.
    Ah ok my mistake, so it did cover a lot of xss and sql varities? What about any assembler exploit development?
    2017 Goals: Dark Side OPS: Custom Pentesting (complete), eCPPT (in progress), LFCS (in progress), OSCP
    Reply With Quote Quote  

  21. Senior Member TeKniques's Avatar
    Join Date
    Jul 2004
    Location
    Oregon, USA
    Posts
    1,245

    Certifications
    OSCP, CISA, CISSP, SSCP, MCSA 2008, MCSE 2003: Security, MCDST, MCP, Security+, Network+, A+, Project+, CCENT, CCNA
    #70
    Quote Originally Posted by McxRisley View Post
    Those people who said that the OSCP does not contain web pentesting topics are wrong lol. It does in fact have web pentesting topics and A LOT of the labs are web app based.
    Congrats on the pass. I was wondering the same thing who was talking about that ... not only in the labs but the exam definitely has web application things.
    Reply With Quote Quote  

  22. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,569

    Certifications
    SilentBreakSecurity - DarkSideOps, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , C|EH , PA ACE
    #71
    sorry I misread someone elses post. Disregard
    2017 Goals: Dark Side OPS: Custom Pentesting (complete), eCPPT (in progress), LFCS (in progress), OSCP
    Reply With Quote Quote  

  23. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    153

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CASP, C|EH, OSCP
    #72
    I received my official confirmation of passing the OSCP today! This has been one of the greatest and most challenging experiences of my life to say the least. As promised I will give a brief review of the exam and my final thoughts in a coming post but for now I am going to take a break and stare my confirmation email for a bit haha
    Reply With Quote Quote  

  24. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,569

    Certifications
    SilentBreakSecurity - DarkSideOps, CISSP, CCDP, CCNP R/S, CCNP Security (Secure, FW) , C|EH , PA ACE
    #73
    DUDE! Well deserved! we all knew it the moment you posted your score lol Ah man I start my jouney in 4 weeks! Can't wait!

    AHHHH! "must have this done before Blackhat/Defcon"

    Great work once again, much respect!
    2017 Goals: Dark Side OPS: Custom Pentesting (complete), eCPPT (in progress), LFCS (in progress), OSCP
    Reply With Quote Quote  

  25. Senior Member McxRisley's Avatar
    Join Date
    May 2016
    Posts
    153

    Certifications
    Bachelors of Science in IT, MTA, SEC+, CSA+, CASP, C|EH, OSCP
    #74
    *****PWK COURSE REVIEW*****

    This course was by far the toughest and greatest learning experience of my life, it will literally crush your soul if you let it. I had planned to start studying for it mid last year and did so for a couple of weeks and then got involved in other things. I didn't really buckle down on it until mid November of last year. So all in all it took me around 3 months of studying and working my ass of on VMs from vulnhub and the labs. I came in with almost no scripting experience and left with some but what I can do now is read scripts and alter them to my liking (I plan to remedy this by doing some heavy python work), this course is also VERY web app heavy when it comes to the lab machines. I came into the course with some decent web app skills and it paid off (insert zaids udemy courses plug for 1000th time here). One thing in particular about the web apps in the lab though is that I only really got to use Burp effectively once, could I have used it more than once? Yes, but it wasnt needed. I kept my usage of metasploit to a bare minimum in the labs but I did use it a handful of times. Let's face it, metasploit is a badass is tool and is very fun to use. One thing I did use A LOT througout the course is msfvenom and the multi handler exploit, these 2 things combined are a god send and very handy for the labs. DO YOUR EXERCISES AND LEARN THEM! My usage of netcat and FTP was also key to my success in the labs, you will become very familiar with pentestmonkey(or at least you should). Another crucial thing while doing this course, if you figure something out and dont quite understand why or how it works, FIGURE IT OUT! Understanding how and why things work is a big part of this course and will aid you and applying that method effectively later on in the course as well.

    *****EXAM REVIEW*****

    My exam was tough, I started off strong getting my 10 point box without the use of metasploit and getting a low priv shell on one of my 20 point boxes. I spent the next several hours getting nowhere so I decided to go ahead and finish the buffer overflow box up and within less than an hour secured another 25 points. I then spent the next 12 hours spinning my wheels and feeling hopeless and defeated. There was one exam machine in particluar that was taunting me the entire exam, it had a web page on it with a long binary string that translated to "only n00bs can't pwn me"....... This infuriated me. Then finally in my last 2 hours, when i had all but given up, I found something and hit my stride again. I rooted the box that had been taunting me and then in another 45 minutes rooted my other 20 point box giving me a grand total of 75 points not including my lab report or exercises. The feeling this gave me is indescribable, I had done it, I conquered the OSCP. After submitting all of my local and proof.txts I decided to call it and finish up my report instead of working on my last 25 point box. I finished up my report and sent it off before my exam time was up. My report was a grand total of 220 pages and included the lab report, all of the course exercises and my exam report.

    One thing I noticed a lot of people saying in thier reviews is the neccessity of scripting your scans. I can assure you that this statment couldnt be farther from the truth and is not needed. If you feel the need to do this, then go right ahead but it is not a necessity.

    Also for those wondering, the use of metasploit is limited in the exam. You may only use metasploit ON ONE SYSTEM ONLY. You can not poke around with it on every machine, once you fire it off against a machine, that's it. Thats is now your one metasploit target. However the use of msfvenom/meterpreter and the multi handler exploit is not limited, you just cant use any post modules with your meterpreter shell if that machine is not your one metasploit target. All of this is explicity detailed in the exam rules. If you have already passed the exam at an earlier date and are reading this, the rules have changed since you last took it.

    *****DISCLAIMER*****
    What I am about to say may offend or upset some of you, but hey, the truth hurts. So if you're a softie this next paragraph isn't for you.

    *****FINAL THOUGHTS*****

    So I originally came into this course basically knowing nothing and wanting to prove that anyone can do it, but throughout my time in the course and dealing with some of the other students or those who were hopeful in one day taking the exam I noticed a few things and I would like to express my opinion on these things. I know this contradicts my original thought process but THIS COURSE IS NOT FOR EVERYONE. I spent over 40 hours a week on this course, I have literally never worked harder for anything in my life than I did for this course. If you can't devote the majority of your time to this course, DON'T SIGN UP FOR IT. There are people who have been taking this course for close to a year or longer just to give you an idea of the amount of time and dedication it takes. Also another thing I noticed is that people were skipping the pdf and videos and going straight to the exercises, only to get stuck on simple things that they would have known if they would have just took the time to do the exercises, so for the 100th time I'll say it again, DO YOUR DAMN EXERCISES!!!!!!!!! I met people who were better than me in a lot of areas but would get stuck on simple things because they hadn't done thier exercises.

    Ok now that I'm done ranting, I wana thank everyone whoever helped me out or gave me a nudge during my time in the labs. I also wana give a special shoutout to my bros from the Techexams discord, rex0r, hexcartel, swagger, and mindcrank. I owe my success to them and thier helpful nudges in my time of need in the labs. This has been one of the most rewarding things I have ever done and I am so happy to have earned my OSCP.

    So what's next for me? Well im currently going to hone my scripting skills in python and other languages through pentesteracademy.com while searching for my next pen testing cert. I'm currently considering either the GPEN or GXPN, so if you have any input on these courses and thier value compared to OSCP I would greatly appreciate it.
    Last edited by McxRisley; 03-02-2017 at 12:40 PM. Reason: updates
    Reply With Quote Quote  

  26. There is no spoon. p@r0tuXus's Avatar
    Join Date
    Nov 2016
    Location
    KCMO
    Posts
    515

    Certifications
    ITIL-F, A+, S+, CCNA
    #75
    This was the post I was waiting for. Excellent job. I appreciate the brutal honesty and complete description of your labs/exam experience (minus DQ details). I can't wait to see what you decide to do next.
    Reply With Quote Quote  

+ Reply to Thread
Page 3 of 4 First 123 4 Last

Social Networking & Bookmarks