OSCP

Well, I have been away for a while because I decided to do the OSCP exam. It is more practical exam than the CEH because it consists of a one month long access to the lab and a 24 hour practical exam.

The first part is the lab where there were like 40 machines all said to be exploitable. I got a VPN access and could do whatever I wanted to. Of course there was a lab guide which was a kind of training material guiding the individual from the discovery, enumeration through the exploitation. This kind of training is very useful because it does not rely only on lexical knowledge rather than on practical effective hacking. You have to hack the computers and PWN them; no excuse. Nobody is concerned wether you know all the arguments of all tools available for a simple task or you write your own script the only thing that has to be done is hacking the machines until you get root or system privileges.

The lab is over, next week I'll pass the exam part hopefully. The only annoying but unfortunatelly very useful and required step is to create an audit report of the hacking and the lab exercises. Oh yes, there are like 15 lab exercises that has to be done. Now I have 360 pages in the report but not finished yet.

Completing the exercises and the free hacking part including the audit report have much more benefit than the inconvinience. And of course it worth 40 CPE points which is mire than enougth for one year...

 

To be continued...