This blog went dead about the time that I started training for OSCP two years ago, in November 2016. After getting my CISSP in 2015, this was the next step in personal and professional goals in the form of a certification. My employer footed the bill for 90 days lab time. Following through with that I sat my first exam attempt in February of 2017. I did not pass. In what became a pattern I would get one privilege escalation away from passing multiple times. After my last attempt in the fall of 2017 I decided to put any further attempts on hold. I’m not sure when or if I’ll pick it up again.
I did not walk away empty handed. Training for the OSCP has taught me that nothing is unattainable regarding software. I learned the sequence of enumerate, analyze, exploit, report on a level where it’s as familiar to me as my name. I apply it to interactions that have nothing to do with software, or pentesting, or computers.
Enumerating in the OSCP labs is turning over every rock, googling every string, every version number, and learning how to combine your results. Everything is vulnerable. Either by its defaults, its configuration, its construction, or sometimes just the admin’s laziness. Exploits too, take different forms in ways I could not have predicted. Sometimes it’s editing or writing a script to send raw string data to a network source, abusing defaults, exploiting poor authorization, or just getting lucky and finding a data dump.
Exploits built this way, analyzing piece of information, and every possible combination teaches one thing, over and over and over. Nothing is perfect, nothing is insurmountable. With these lessons in hand it further illustrates what every security practitioner knows. Security is a HARD JOB. It takes vigilance in planning, choosing a tech stack, deploying, configuring, and maintaining. The lessons I learned with the OSCP are used every day, in meetings with product owners, developers, educators, customers, prospects, pentesters, sysadmins.
If you’re curious about penetration testing, or learning security by exploit, I encourage you to make the time. OSCP is not the only answer. I have and will continue to post walkthroughs of VMs from VulnHub, and recently started working on Hack the Box.