PentesterLab: First Impression Review

Like I mentioned at the end of last weeks post, I moved away from HackTheBox this week and studied on the PentesterLab site. This is a relatively new service that focuses on web application penetration testing, providing a wide range of systems that can be used to practice exploiting specific vulnerabilities. With approximately 200 exercises … Continue reading PentesterLab: First Impression Review →

OSCP Week 17: HackTheBox (Part 5)

I continued on with more HackTheBox machines this week, and have now managed to rack up 25 total. As usual for these types of posts, I'll detail some of the things I learned from each machine - but will not be covering them in enough depth to class them as complete guides. One of the … Continue reading OSCP Week 17: HackTheBox (Part 5) →

OSCP Week 16: HackTheBox (Part 4)

I took a break over the weekend and generally relaxed more during the week, so was only able to go through three retired HackTheBox machines. As such, this post will be shorter than usual, but I found some interesting things in these machines so I hope the post is still worthwhile. CronOS The hostname for … Continue reading OSCP Week 16: HackTheBox (Part 4) →

I Failed the OSCP Exam. Here’s Why.

Like the title states, I failed my first attempt at the OSCP exam last week. I came close, really close, but unfortunately couldn't quite get myself over the line. This post will cover the exam attempt itself, why I failed and what I'm going to do from here. The Exam Attempt My exam started at … Continue reading I Failed the OSCP Exam. Here’s Why. →

OSCP Week 15: Mock Exam (HackTheBox Part 3)

I initially thought that my exam was going to be the Friday just gone, but I quickly realized I had underestimated how much time I had, and found myself with another week to prepare for the OSCP exam. After some thought about what I should do with this newfound time, I decided to set myself … Continue reading OSCP Week 15: Mock Exam (HackTheBox Part 3) →

OSCP Week 14: HackTheBox (Part 2)

In the same vein as last week, I went through some more HackTheBox machines this week in preparation for my OSCP exam. Below are my quick thoughts and key takeaways for each of the machines I attempted. Arctic Similar to a machine seen in the OSCP, Arctic is a relatively straightforward web application exploit. Making … Continue reading OSCP Week 14: HackTheBox (Part 2) →

OSCP Week 13: HackTheBox (Part 1)

My first week of OSCP study without access to the OSCP lab environment! I decided to take it a little easy and give myself a bit of a break, but still went through a decent number of retired machines on the HackTheBox network. For each machine, I watched the IppSec video in full to gain … Continue reading OSCP Week 13: HackTheBox (Part 1) →

OSCP Week 12: Pain and Humble

Course content: 18/18 Lab machines: 28.5/55 Days: 90/90 I actually underestimated the amount time I had left, and was surprised to find out I was actually into my last week of lab access. Thinking I had 2 weeks left, 'losing' a week of time set me back a bit and meant I wasn't quite able … Continue reading OSCP Week 12: Pain and Humble →

OSCP Week 11: Heading Into the Home Stretch

Course content: 18/18 Lab machines: 26.5/55 Days: 77/90 I made some solid progress again this week, managing to root 3 lab machines of varying difficulties. It feels like I'm starting to head into the final stretch of my initial attempt at the OSCP so I'm doing my best to keep the motivation high and commit … Continue reading OSCP Week 11: Heading Into the Home Stretch →

OSCP Week 10: Taking a Step Back

Course content: 18/18 Lab machines: 23.5/55 Days: 70/90 I managed to get through 2 lab machines this week, which is a little less than what I have done in usual weeks. However, there is a reason for this. I decided to go back through the course material, reading it through and completing some of the … Continue reading OSCP Week 10: Taking a Step Back →