So I’m a couple of weeks into my OSCP course and I thought I would share some of the things I’ve encountered. It’s been an interesting experience for me so far and I’ve learnt a lot, but I have a lot more to learn before I take the exam.
Here are some of the emotions I’ve experienced so far (not in any order).
1. “OMG this is freaking awesome, I’ve never had so much fun.”
2. “Why won’t you work damn it.”
3. “What do you mean access denied?”
4. “Why do you hate me so much.”
5. “Oh that was easy, maybe too easy??”
6. “Compile you stupid code, compile damn you!!!!”
This course is designed to push you well out of your comfort zone (well mine at least) but that’s what makes it fun, even when not working on the labs at home I spend hours running ideas and solutions through my head looking for different attack vectors that might get to access to the lab machines.
These are my top tips so far.
1. Never give up, just try harder.
2. Google is your best and only friend.
3. Don’t just rely on one tool, things like Metasploit are great but make sure you know more than one tool to get the job done.
4. There is usually more than one way to accomplish your goal (if in doubt see point 1).
5. Join the #offsec irc channel.
The last point might seem obvious but up until this course I’ve never used irc (don’t mock me) but now it’s the first thing I load up, it’s good to be able to ask questions and talk to other people (plus it’s nice to see when others might be struggling).
Overall I’m seriously enjoying the course, I’ve not done a lot of the exercises or watched many of the videos (yet), I tend to use them for reference and for re-enforcing either what I already know (or thought I knew) and what I find online. I’ve tried to keep my documentation flowing and I will probably start writing it up ahead of completing my lab time just so I don’t panic at the end.. 🙂