Hi all.
This is my first message.
I've just passed Offensive security exam and obtained
OSCP.
Want to share my experience about how it was. So,
start from the beginning.
My background relies on six years in IT, four of them in IT Security. I started as technical
support engineer and now I'm not only Expert Security Researcher but
Independent Security Researcher. Also, I'm experienced in IT security,
audit, pentest and enterprise defense including system and network
administration. Last year I passed "Professional Penetration Tester" exam by
elearnsecurity and got
eCPPT.
Why did I choose this course and should to do the same? My personal motivation for taking the course and exam were to better
understand some techniques and methods of penetration testing
, the desire to enhance my knowledge and get qualification. Sometimes potential employers would rather see a professional
qualification on the CV. I heard about this course from skilled professionals earlier and
I do not regret their choice.
It was amazing challenge.
Despite that I am unable to share the details of the course, I will try to give some advices. If you want to pass the exam and do all of the Lab, I would recommend to take 60 or 90 days (about 4-6 hours everyday) depends on your knowledge.
The books above and some
online resources help me to do some boxes in lab.
The good reviews about exam and lab has already written I fully agree with is available here:
http://g0tmi1k.blogspot.com/2011/07/review-pentesting-with-backtrack-pwb.html
http://proactivedefender.blogspot.com/2012/01/oscp-my-review.html
I just say that the Lab consists of the several subnets, which you should to find and open with the keys. The final goal in the Lab is the key in admin network but also you can try to get root on all of the Lab PCs.
I had some troubles with several PCs in the Lab, because another students doing the lab at the same time or did before me and
interfere with other: change passwords, disable services and etc. My advice is revert PCs from your panel before you start.
I took 2 months of the lab time. I spent for the labs about 4 hours at first month and 6 hours at last every day and night and as much as
possible on weekends. It was not an easy thing when you are married and working. I'm very tired.
There are a range of boxes, with mix operating systems, services and different ways of exploitation and getting root.The lab is really well designed, many thanks to developers and admins. I have to be short-spoken because of two reviews mentioned I fully shared with authors.
Finally I
rooted almost all of the Lab machines, wrote some working exploits, and sent 2 reports (Lab and Exam). When I received the official email from Offensive Security that I had passed I was very happy and satisfied the results. I really did enjoy the whole course and waiting for a letter with my Certificate.