Hello Everyone, I am back again with my third blog post. I have received many requests to explain how I have prepared for the OSCP, so here it is.
P.S. Sorry I haven’t made this post sooner, I had finals in college and had to wrap up the school year!
Firstly, I would like to start off and tell everyone who I am and my experience with technology. I am currently 19 years old and do not have any cyber security certifications under my belt. However, I do have some experience. I have been running a desktop support business in my area for over a year and have acquired 150+ clients. About half of them are small businesses, and the other half are residential. This has allowed me to earn a nice income, and has given me the opportunity to be exposed to a wide gamut of technologies. Also, I have taken a couple of college-level programming classes, so I am familiar with the basics. In December of 2017, I realized this industry is my passion and I have been vigorously learning ever since.
After finding out that this industry is my passion, I started trying to swim in this massive ocean. First, I picked up two books:
- The Basics of Hacking and Penetration Testing, Second Edition: Ethical Hacking and Penetration Testing Made Easy by Patrick Engebretson
- Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman
Both have served a great purpose. The first book gave a really nice general scope of what hacking is, and how it is accomplished. The latter was a hands-on approach, and gave me experience with Kali Linux, Metasploit, Nmap etc. Genuinely, this combination may be the best duo I could’ve picked to get into this field, as it gave me the theoretical and hands-on dichotomy. What I have found is that you must get some hands-on experience before reading a higher level perspective. If someone simply reads the high level view they’ll find themselves trying to memorize foreign steps, methods, and concepts. Instead, take a more hands-on approach, get a little familiar with the tools, then read the higher level book and it’ll demystify so much more. Before I continue, I must say that Georgia Weidman’s book is somewhat outdated. The concepts are relevant, but it takes some elbow grease to follow along. Absolutely worth the read nonetheless!
Note: I have heard that Georgia did a free video course that related to her book, so feel free to check that out too!
The Certified Ethical Hacker:
I know, I know. All of you are wondering why I am talking about the CEH, but trust me, it makes sense! The next logical step I took in this field was to try to obtain a certification. Keep in mind, I was brand new to this industry. I searched around and ultimately decided on studying for the CEH. I know there is incredible animosity between proponents and critics of the CEH, but it teaches you high level cyber security concepts, and that cannot be disputed. The CEH is similar to the Security+ with some additive tool information. I read the Matt Walker Exam Guide, and cannot thank him enough for this amazing book. It is quite verbose in the areas it needs to be, and doesn’t waste time on the outdated/unimportant areas. I read this book cover to cover, and I can truly say it drastically changed my overarching image of cyber security. Even if you are not going to attempt the CEH exam, this book is incredible for learning about high level security. I ultimately opted to instead go for the OSCP and for now have sidetracked the CEH, but this book provided great insight nonetheless.
The OSCP: Specified Studying
After reading that book, I ultimately opted to spend my money on the OSCP instead. Ever since, I have been specifically studying for this course. For the past months I have been filling my head with as much security information as I can. Here are the books I have additionally purchased:
- The Hacker Playbook 2: Practical Guide to Penetration Testing by Peter Kim
- Professional Penetration Testing, Second Edition: Creating and Learning in a Hacking Lab by Thomas Wilhelm
- The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws 2nd Edition by Dafydd Stuttard and Marcus Pinto
- Black Hat Python: Python Programming for Hackers and Pentesters by Justin Seitz
All of these books have played an integral part in the arsenal for one reason or another, and I do not regret one purchase. They have added to my knowledge in the different areas of penetration testing, and I recommend them all.
The Hacker Playbook 2 provides insightful information on varying tools. Professional Penetration Testing scopes pentesting as a profession and contributes tips for writing reports. I am still going through the Web App Hacker’s Handbook, but it provides insightful information about port 80/443 vulnerabilities (VERBOSE!). Finally, Black Hat Python has re-involved me in the world of programming, and will surely be beneficial for the OSCP.
I have also gone through a few Pluralsight courses. Their content quality is second to none, and they make everything simplistic yet informative. I have watched Troy Hunt’s SQL Injection Course (~5 Hours), Ethical Hacking: Hacking Web Applications (~5 Hours), and Ethical Hacking: Hacking Web Servers (~3 Hours). I have also found a couple of great quality videos on YouTube:
These videos have all contributed to my knowledge for the OSCP and Penetration Testing in general. I have listened to some of these videos multiple times over as I have driven around to continue to solidify that information.
Nothing beats the conjunction of reading these books, watching these videos, and staying immersed in content while simultaneously working in Kali Linux. I have been doing VulnHub boxes for a while, and I personally followed Abatchy’s OSCP-like boxes guide.
I have gotten root on nearly every box on abatchy’s list and a couple of other obscure ones. Ultimately, the only good box the post is missing is Tr0ll.
Also, I recommend checking out Troy Hunt’s intentionally vulnerable web app hackyourselffirst.troyhunt.com as this has given me a much better understanding of attacking web apps.
Overall, I have spent dozens of hours playing around with Kali, tools, and breaking into stuff. This in combination with the theoretical knowledge has truly helped my preparation.
I have not been to a conference yet in person, but I have listened to dozens of conference speeches from Blackhat, Defcon, NDC etc. I recommend listening to these talks in your car. There is so much wasted time driving, why not leverage it to continue learning? Here are a few interesting talks I have listened to:
- Blackhat 2017: How the Feds Caught Russian Mega-Carder Roman Seleznev
- Defcon 22: How Tor Users Got Caught
- Yow! 2015 – Making Hacking Child’s Play
I listen to all of these conferences from YouTube, and it isn’t about them directly helping towards my knowledge for the OSCP. It is all about just becoming immersed in this field, and everything else will fall into place. There are absolutely endless amounts of conference content out there, dive in! You’ll be more knowledgeable on the other side!
Lastly, I like to stay in the loop on the current Information Security happenings. This boosts my knowledge all around and continues to improve my picture of Information Security. I read and try to comprehend many of the posts on the subreddit netsec (it’s really hard sometimes!). I also follow OSCP, netsecstudents, and AskNetSec on Reddit. Additionally, every week I watch Troy Hunt’s weekly update which is mainly Web Application Security based, but incredibly important for the OSCP nonetheless.
Note: I have heard many times that boxes in the OSCP have vulnerabilities on port 80, that is why I have tailored a lot of knowledge towards Web Apps!
There it is, folks. That is what I have done to gain knowledge for the OSCP. My tip is to immerse yourself. There is no streamlining this knowledge. It is going to take a while and there is no way around it. These concepts are difficult to understand at first, but the more exposure you have the more prepared you’ll be. I registered for the course, then studied my ass off for it. I am a true believer in just diving in and doing it. So this is my progress so far. Course starts tomorrow! Expect an update on how it’s going Monday or Tuesday of next week. Thank you all for reading.