OSCP: 80% Done with the PWK Course

I’m currently 80% done with the “Penetration Testing with Kali Linux (PWK)” course that comes as part of the OSCP certification.

Here are my thoughts so far:

• While I already knew everything that I’ve covered so far, the reporting process has made me gain a deeper understanding of the techniques I use – which is a great plus.
• Automation is awesome – I already knew this, but I have written scripts to take care of many enumeration tasks and attacks that are necessary yet repetitive.
• I have become more proficient at file transfers that don’t get tripped by Anti Viruses and firewalls.
• I have become more proficient at web application attack techniques and processes – such as leveraging local file inclusion vulnerabilities, code execution, uploading files and getting a shell.
• I have written some very handy privilege escalation shell-related scripts thanks to being encouraged to look for more ways to exploit the systems.
• I have been able to exercise my Powershell skills in order to compromise systems – which are a set of very handy skills to have.

I will very likely start attacking the lab machines next week, and I’m extremely excited about it.

 

Side-Notes:

• I have uploaded some of my “everyday” Python scripts to my Github account. Check them out. The recent additions include: key loggers, screen grabbers, format conversion scripts, and more.
• I encourage everyone to follow me on Twitter. I constantly post interest research papers and PoCs which you might be interested in.

 

Until next time.