Passed the Exam
Over this past holiday weekend, I took and passed my OSCP exam. I started this course back in 2008 as detailed previously, but nothing I did back then really carried over to my knowledge base today other than knowing how the course works. I became interested in completing this unfinished task in November 2016 and I signed up for 90 days as March 2017 rolled in. My initial goal was to get about half the boxes over my 90 days of lab time, but I exceeded that pace and adjusted my goals as I went along. After 66 out of 90 days, I had rooted every target system in the labs at least one way (many systems have multiple avenues of success, and I by no means found close to all of them). I extended my lab time 30 days just before taking the exam (for further research regardless of pass/fail), and took the exam on day 90+3.
The point of this and the next post is to give my insight into the course and exam experience. There are dozens upon dozens of exam reviews and stories out there, so I’ll try to keep this somewhat different from the many others. There won’t be a litany of links to cover topics to study (which is a bit ironic considering my links menu on the side). To be honest, others have proctored far better lists than I would provide. Go search them up!
I have 17+ years casual own-time interest in security. 14 years of IT technical work, mostly systems and networking plus security defense management. I am comfortable with scripting and coding principles, comfortable in PowerShell, novice-to-intermediate in Linux administration and working inside it, good with general networking, and extremely knowledgeable about Windows and systems/servers.
This means I bring a pretty decent history of knowledge and exposure to security concepts, even if I’m not always actively utilizing those skills and putting off-sec-style boots on the ground. My professional IT jobs have included doing things with security in mind. I use Linux Ubuntu as a day-to-day desktop at home. I’ve used BackTrack and Kali, and I’ve rooted a handful of boxes in the past using Metasploit or very simple tricks. I’m pretty learned over the years and understand technical concepts, but would still consider myself a bit of a neophyte to the deeper workings of hands-on pen testing.
My Pre-Course Activities
I did a bunch of things to lead up to my PWK/OSCP sign up, but the most important was simply reading other OSCP reviews and feedback and study lists on blogs, reddit, forums, youtube, etc. In doing so, I made an absolutely unattainable list of things to reference and check out, and I sort of tried to prioritize and tackle that list.
I checked out vulnhub and built a better lab environment at home for further study.
I slowly found some of the new and old places that students hang out and socialize, notably a private Discord server off the TechExams.net forum, a Slack off the netsec sub-Reddit, and the #offsec IRC channel.
I signed up for Cybrary and Pluralsight to take some courses to shore up some of my weaknesses and areas I’ve not been heavily exposed to: shell scripting basics, python basics, linux administration, kali and enumeration basics. To be honest, those Pluralsight courses were overall very helpful!
Being a previous student, I was allowed to upgrade my course materials for a small upgrade fee and download them without having to purchase more lab time. This proved to be awesome, as it allowed me to start studying the material without having it happen while my lab clock counts down.
I installed and started getting used to Kali Linux again as both a VM and a dedicated laptop, plus incorporated KeepNote into those installations and my normal Desktops and synced using Dropbox. (Note: In the actual PWK labs I only used my Kali VM that was downloaded as part of the student lab signup and never did an update to it nor had to ever revert it. I also switched away from KeepNote to CherryTree about 2 weeks into my lab time due to issues.)
Importantly, I made sure that I could sign up for the labs during a time where me, my job, and my loved ones were ready to accommodate the time-suck that is required for this course.