Well, now that it is all said and done, I figured it was an appropriate time to post my review of the Penetration Testing with Kali Linux (PWK) course and the subsequent Offensive Security Certified Professional (OSCP) Exam/Certification.
All in all, I was a big fan of the course material. There were a few chapters that were largely refreshers, but there were others that were almost completely new to me (a lot of the file transfer methods were really neat). I could see myself referencing the PDF in the future in addition to my other resources (Google), so that’s definitely a plus.
At first, it annoyed me that the videos followed the PDF so closely, but a few chapters in I realized this would be beneficial. A lot of the later chapters I would either read quickly or only skim, but then the video going over the same information definitely helped to solidify the knowledge a bit more.
Plus, as anyone else who has taken the course can verify, Muts’ voice will forever haunt my dreams/nightmares.
I really enjoyed the lab environment, and yearn to set up something similar for myself soon. There were plenty of machines, networks, attack vectors, and difficulties which kept it always interesting. Additionally, there were plenty of machines that looked obvious, but required some slight tweaks to get everything working (or even vice-versa).
Though the exploits ranged in difficulty from click and own to custom development, there were enough targets that they touched on a lot of concepts, software, and OSes which was great.
I ended up 6 machines short of a full network compromise in the end, but I’m glad I took a step back to let my mind clear before the exam, and I’d recommend this to anyone else considering a time for scheduling.
The exam was very similar to the lab environment, and it was great. While the challenge of rotting 5 machines in under 24 hours was overwhelming at first, it was just a matter of breaking it all down and staying focused. Additionally, the machines in my version of the exam were hard enough, but still satisfying. Almost every one of the machines made me really think about the problem from a slightly different angle, but popping a new box kept me exhilarated and pressing forward every time.
The biggest pieces of advice I can share are to keep good notes/screenshots as this will make the report MUCH easier to write as well as properly enumerate everything (even if it doesn’t seem useful yet). Other than that, you can script some of your processes (enumeration, escalation, exfiltration, etc.) to save time if you’d like, but it isn’t something that is completely necessary (I scripted some things, but some things I still prefer to do manually and non-linearly).
IRC was an invaluable tool, as were other students/administrators. There can definitely be a love/hate relationship when you message an admin, as they aren’t really able to give away too much. Eventually you get used to this though, and they can even just be helpful as a place to describe your issue out loud (Rubber Duck Debugging). Additionally, having other students in IRC (even just as motivation/unrelated idea sounding boards) helps to keep things in perspective and motivational.
Overall + Final Thoughts
Overall, I truly enjoyed this course, and would recommend it to anyone with an interest or background in a more offensive security background. Fair warning though, this class will have an occasional roller-coaster of emotion (YES, I’m the best! This is awful, if I paid for this class why won’t the admins help me?! Oh wait, I can learn this on my own and do it myself! THIS IS AWFUL AND I HATE COMPUTERS. *Phew* I passed.). Additionally, it is not for the faint of heart, and Try Harder! isn’t just some sort of joke or catchphrase; you will have to really believe and live by it during the course.
Additionally, it helps a lot to have someone cheering you on or at the very least supporting you. I would get constant messages of praise and support from my girlfriend while spending late, late nights in the lab environment, as well as some messages during the exam encouraging me. If you live with someone (significant other, roommate, animal companion), then let them know what you will be doing for sure. This not only lets them help you/not interrupt you, but that support stream can help during a few of the tougher times.
While I’m still not sure if OSCE is my next step (still something I will do at one point), I do know that I have obtained a lot more than a piece of paper from this certification.
Ray Doyle is an avid pentester/security enthusiast/beer connoisseur who has worked in IT for almost 16 years now. From building machines and the software on them, to breaking into them and tearing it all down; he’s done it all. To show for it, he has obtained an OSCE, OSCP, eCPPT, GXPN, eWPT, eWPTX, SLAE, eMAPT, Security+, ICAgile CP, ITIL v3 Foundation, and even a sabermetrics certification!
He currently serves as a Senior Staff Adversarial Engineer for Avalara, and his previous position was a Principal Penetration Testing Consultant for Secureworks.
This page contains links to products that I may receive compensation from at no additional cost to you. View my Affiliate Disclosure page here.