I tried harder and achieved the OSCP certification. Since high school I have always wanted to learn the magic pentesters work on a system, and in my view PWK is the way to learn that magic.

Note: Jump to the "The Road to OSCP" section if you are here only for the resources.

My Starting Years in IT!

I have been programming since my early school days, but never had the chance to really dive deep into the core of systems and operating systems. However, I have used my programming skills to automate tasks such as benchmarking my websites, writing Python scripts for testing login forms, automating Linux tasks, and so on.

Okay, back to the OSCP thing. I never had more than the basic security knowledge required to keep my programs safe. Until my university FYP (final year project) I didn't get any chance to jump into cyber security, but I had plenty of experience with many programming languages, not only at course level: I had already done many freelance projects during my university days.

How I jumped into (a little part of) Cyber Security!

In my final year of university I got the chance to work on a memory forensics project as my FYP. I only got a little chance to actually work on memory forensics; most of the time was spent on programming and automating things that had already been discovered, but still it wasn't bad as a start.

Why OSCP!

I have been programming and doing the defensive side of security for years, but I was always interested in the offensive and attacking side. This led me to lots of research on the various courses available: CEH, OSCP, CISSP and so on. I started reading blogs and books and watching DEF CON videos on YouTube. I was following the talks, but I still had no idea how these things (magics) actually work in practice. They all seemed rather shallow in terms of what they actually taught. I wanted to know how to carry out these attacks on real environments. By now I knew many of the methodologies and tools used in pentesting, but had no hands-on experience. I knew that PWK was the course I had to start with: it offers hands-on experience with a number of vulnerable machines during the lab time and a challenging exam with a 24-hour time limit, rather than a theory and multiple-choice exam. After completing the PWK course one gets the OSCP certification, which has value in the field of cyber security because it is challenging and proctored.

The Road to OSCP!


I won't go deep into the details of OSCP, as you can find them on Offsec's official website and probably in other write-ups available on the internet.

If you haven't skipped the sections above, you know that I had basic theoretical knowledge of the methodologies, tools and terms used in cyber security, and that was the best time (or a requirement for jumping into cyber security) to go for the PWK. I was a little afraid that I wasn't in a condition to go for it; the feeling came from having read a lot of blogs / write-ups saying it's not for starters, and some Reddit posts in which people discuss it being their fourth or fifth try at the OSCP exam. But believe me, if you have courage you will pass it on the first try.

Okay, it's Jan 2020. I have good experience with programming and Linux, and I know the basics of cyber security: what a vulnerability is, what an exploit is, what reverse engineering is, some basics of the OWASP Top 10, and the names of some tools like Burp Suite, sqlmap and nmap. Fair enough, huh?

Before starting the PWK course I decided to give Hack The Box a shot. I already had an account; I'm not sure when I created it, but I remember that for the invitation code I followed some YouTube video or a blog somewhere, I don't really remember. I was not in a position to start with active machines, so I bought a one-month subscription and started with retired machines, following the IppSec walkthrough videos on YouTube. After doing 5 to 6 machines, I realized that it wasn't benefiting me, as I was only following the walkthroughs and not using my own thinking or doing my own research, which would eventually help more. I tried doing retired machines on my own, but since I knew a walkthrough was available I wasn't putting in my best, so I started on active machines. The plus point of active machines was that I started searching for information about the services, web apps and whatever else I found on the machine. Whether or not I was searching for the right thing, whether or not I was reading about the intended path, it was always useful, because now I was learning new things. I started getting help from the Hack The Box forums, where the nudges are not straightforward, which means you still have to search on the internet. After owning 3 to 4 active machines I was getting clear on the end goal of hacking / penetration testing: why enumeration is important, and how to use the information we get from enumeration. I would recommend trying Hack The Box if you are really starting out in the cyber security field and want to go for PWK with zero or little knowledge.

I played with Hack The Box for about two and a half months. When I reached the Pro Hacker level (I am still Pro Hacker at the time of writing this post) I decided to register for 60 days of PWK labs. I registered on 12th March 2020, my lab started on 25th March, and I received the video content and PDF by email. I spent 10 days only on the video content and the PDF, making my notes so that I wouldn't have to refer back to the PDF again. Yeah! I know 10 days is too much for the PDF, but I still wanted to grab everything first before jumping into practical work. I was following this awesome quote from Abraham Lincoln: "Give me six hours to chop down a tree and I will spend the first four sharpening the axe." On the 11th day I started my first machine, and my plan was to pwn at least one machine per day, as I had 9 hours of office duty. In short, there were days I pwned 4 machines and there were several days I did none. At the end of the lab I had a total of 45 machines pwned, including the big four and 3 networks.

After completing my labs, I realized that 30 days of labs would have been enough, but I went for 60 days to be on the safe side because of my office duties and timings. For the exam I decided not to wait too long, so I chose a date of 20th Jun 2020, 25 days after my lab ended. I did nothing for the first 10 days after lab completion; after those peaceful 10 days I started playing with the machines available on https://www.vulnhub.com/. I started doing OSCP-like machines on HTB, following IppSec walkthroughs and making notes of things that were new to me. For buffer overflows I found The Cyber Mentor videos really cool and easy to follow. Enough about the journey; below is the list of all the resources I mentioned, or didn't mention but used during my learning and even during the exam.

Pre Labs Hands-On Practice

Buffer Overflow Learning

Buffer Overflow Practice

Windows Privilege Escalation

Linux Privilege Escalation

Misc

Besides those, there are a lot of resources I have used that are available on the internet. Believe me, if you are going to give HTB & VulnHub a try you will definitely come across those mentioned above and many other awesome articles, repos and videos. Also, if you are going to follow the walkthroughs on the IppSec channel, I guarantee that no matter what level of cyber security you are at, you will definitely find something you have never seen before.