Since I was originally going to attempt the OSCP again last year (2018), I rebought the newest version of the course materials but did not look at them since I changed my mind. Therefore this week started off with testing my lab connectivity once I received my credentials, and beginning to plan my assault.
I have created a MySQL database that I am going to store various information within such as target IP addresses, credentials discovered, etc. so that I can easily query and form relationships among the data. My first attempt in 2015, I used an excel spreadsheet but I think although a simple solution, it made linking the data together quite tedious and not very efficient. I am still thinking about which note taking program I want to use in addition to the database. Many people have used KeepNote (outdated) or Cherry Tree, so I might try a few before I get deep into the material/lab.
Course Pages: 129 / 380
Lab Shells Popped: 0
So far this year I have been relatively busy with travel and getting back into lifting weights, but recently I have been thinking about which certification(s) I should pursue. The only certification I can think of that would not only have significant clout, but also be achieved in a reasonably short amount of time (<6 months)…is the OSCP. I say this because I already have several GIAC certifications (GSEC, GCIH, GWAPT), CISSP, CISA, C|EH, and a few others that combined carry a lot of weight in the industry.
Back in 2015, I originally made an attempt at the OSCP but due to work certification requirements and moving I did not dedicate the amount of time required and ended up not completing the certification. Fast forward to today, I have completed the GCIH and GWAPT and feel much more prepared to attempt the OSCP again. Outside of the GCIH and GWAPT certifications I have not done additional prep on hacking VMs but work daily with SIEM tools and other blue team tactics that I think will help.
I have purchased the 90 day package, and my goal is to root all the lab machines. I will create blog posts at least weekly as I work towards the OSCP certification.