Journey to OSCP – Update 1

Journey to OSCP – Update 1

Hello Everyone! I am back with a quick update!

Hours Spent: 22 Hours

Note: I always wondered about the actual hours spent by others, so I decided to record mine for everyone! Keep in mind, these hours are not necessarily the most efficient hours. These are hours spent at the computer, or dealing with the task, but they do include my occasional run to the kitchen, texting, 20 minute lunch break etc. (Overall, time mainly spent working on OSCP).

 

Progress:

My email arrived at exactly 5:00pm on Saturday, May 26th, as promised! Offsec is very punctual! The email included all of the information I needed. It gave me the links for the materials, vpn stuff, forums etc. I downloaded everything and got it all configured, this probably took about an hour. I opted out of using the Offensive Security provided Kali VM. This has proved to not be the absolute best decision in terms of the Buffer Overflow part of the course, but overall, pretty smooth sailing on my own VM. I am currently on Chapter 10, which is a little over half way done with the materials.

 

My Process:

  1. Watch the entire chapter videos, unless it is a large chapter, and just let it wash over me.
  2. Read the corresponding PDF text.
  3. Take STRONG notes.
  4. Do the Exercises, while following along with the videos again if needed.

This methodology has proved to work very well for me. I have gone through each chapter thoroughly, taking detailed notes. The exercises are really critical. Do them right after you watch the video/read the text. Do not skip them, you’ll thank yourself later. These exercises really solidify the information learned throughout the chapter, and give you the ability to play with the concepts hands on.

 

My Tips:

I have prepared myself well for this. Nothing is really new to me except for the hands on buffer overflow sections, but I have a good grasp on them! All of my preparations have definitely come in handy. I recommend everyone to get very comfortable with Kali Linux before starting the course. The course requires a comfortably with Linux that will only come with time. Other than that, I recommend getting comfortable with the basic tools: Netcat, Wireshark, TCPdump, Nmap, Host, nslookup etc.

If the idea of using your own VM makes you uncomfortable, just use theirs. It is already equipped with everything one needs, and it is plug and play. If you feel comfortable using your own VM, go for it! But still download their VM. I assure you that it will come in handy at some point.

Do your Exercises! I cannot stress this enough. I have really taken my time so far and made sure to understand everything, I recommend everyone to do the same.

The materials they provide will not hold your hand through everything. Multiple times I have had to google commands and concepts they are talking about. Nothing has been major as I have already understood the overall concept, but still it is worth noting!

I am using Cherry Tree for note taking. It comes pre-installed in the more updated released of Kali, but it is not on their own VM. It has proved to be a great note taking program, and I personally like it much better than KeepNote. If you want to try it out for yourself type in:

apt-get install cherrytree

It will be located in the Applications -> Useful Applications -> Accessories drop down menu

Lastly, read their online syllabus located here. Get comfortable with everything in that syllabus and you’ll be absolutely fine throughout the materials!

 

It is truly awesome so far. I’ll update everyone again once I am done with the materials. That should be either late tomorrow night or Thursday morning. More to come…

 

-Matt Lewis

Feel free to email me at [email protected] with questions or if you are currently taking the OSCP as well!

(Note: I will not answer any questions that break the NDA, do not ask me very specific questions!)

 

4 thoughts on “Journey to OSCP – Update 1

  1. Hi Matt,
    Very excited to see how you progress through the course. I took it last year, but failed unfortunately 🙁 Best of luck going forward, it’s an awesome course!

    I would also recommend Live Overflow as a supplementary source of information, his channel really helped me understand the fundamentals of binary exploitation. It’s also got a lot of other great infosec content in general, 10/10 would watch again.

  2. I appreciate, cause I found just what I was having a look for. You’ve ended my four day long hunt! God Bless you man.

Leave a Reply

Your email address will not be published. Required fields are marked *