OSCP Week 2: Speed Bump

Course content: 11/18 Lab machines: 0/55 Days: 14/90 Progress stalled for me a bit this week, and I wasn't able to cover as much ground as I would have liked. Part of this is because I was unable to spend as much time during the week due to external commitments, but the main factor is … Continue reading OSCP Week 2: Speed Bump →

OSCP Week 1: Crash Course

Course content: 7/18 Lab machines: 0/55 Days: 7/90 So my first week of the OSCP PwK course is done and dusted. Like I planned, I spent around 20 hours total and was able to complete the first 7 course modules. I also decided to fully complete and document the lab exercises for the learning experience … Continue reading OSCP Week 1: Crash Course →

How I Prepared for the OSCP PwK and my Expectations for the Course

I'm writing this post the day before I officially start Offensive Security's Penetration Testing with Kali Linux course. Over the next 90 days I'll be studying the course material and making my way through as many lab machines as I can before attempting the OSCP examination, hopefully successfully. I decided to focus this post on … Continue reading How I Prepared for the OSCP PwK and my Expectations for the Course →

OSCP Prep Episode 15 – HackTheBox and a Confirmed Start Date

So the title basically gives the crux of this post away. My OSCP course start date has been confirmed for October 21st! After months of preparation, I'll finally be starting the OSCP PwK course exactly a week from today. I'm extremely excited at the prospect of getting stuck in with both the course and lab … Continue reading OSCP Prep Episode 15 – HackTheBox and a Confirmed Start Date →

OSCP Prep Episode 14 – HackTheBox and Reconnoitre

Continuing on from last week, this week I owned more machines on the HackTheBox platform. I have been a bit lost as to what the best way forward is for me at this stage, as I personally feel ready to start the OSCP and don't feel I can gain too much more from theory in … Continue reading OSCP Prep Episode 14 – HackTheBox and Reconnoitre →

OSCP Prep Episode 13 – HackTheBox and Back to Basics

Having done the Kioptrix series of vulnerable machines, I decided to head over to HackTheBox and attempt some of their beginner machines. I had heard good things about the HackTheBox platform in the past, and having now used it, I can't stress enough how amazing of a resource it is. After signing up, you are … Continue reading OSCP Prep Episode 13 – HackTheBox and Back to Basics →

The Hacker Playbook 2 – Book Review

Having done the four beginner Kioptrix boxes, I decided to go back into reading to see if I could expand on what I had learned so far. This lead me to reading The Hacker Playbook 2: Practical Guide to Penetration Testing by Peter Kim this week. This book is not intended for the pure beginner, and Kim … Continue reading The Hacker Playbook 2 – Book Review →

OSCP Prep: Episode 12 – Kioptrix 1-4 Vulnerable Machines

I gave some thought into how I wanted to approach these next few weeks after finishing the Hands on Introduction to Hacking book. My main toss up ended up being between attempting beginner boxes and gaining some practical experience or reading another book for more theoretical knowledge. Ultimately, I decided to just give some boxes … Continue reading OSCP Prep: Episode 12 – Kioptrix 1-4 Vulnerable Machines →

Penetration Testing: A Hands-on Introduction to Hacking – Book Review

When I first decided I would begin this journey of learning penetration testing, I did some research on where the best place to start would be. It wasn't long before I stumbled across a book titled Penetration Testing: A Hands-on Introduction to Hacking by Georgia Weidman. As someone who had next to no prior knowledge of penetration … Continue reading Penetration Testing: A Hands-on Introduction to Hacking – Book Review →

OSCP Prep – Episode 11: Client Side Attacks

Client side exploitation is penetration testing from a different perspective. The other attacks I have covered so far have all required direct access to a network to be successful, which has become increasingly difficult as network engineers and software developers strengthen their 'perimeter' defenses. As a result, client side attacks, where users unwittingly open the … Continue reading OSCP Prep – Episode 11: Client Side Attacks →