..

Mid OSCP Update #2

Hello people, here I am again with another PWK Update post. I’ve succesfully completed all public network PWK Boxes which do not have a dependency.

Backstory

But before I review them, here is a little backstory:

I have 90 days of labtimes, i've 30 days left. Am working at a SOC Parttime, 
while studying digital forensics as past of my BSc. 
I have done some hackthebox and pentesting assignments prior to enrolling for OSCP, 
and tbh like the field very much so far.

The first two weeks of my labtime went to the course material (PDF and video). 
After that I spent a week or two on making an enumeration tool: https://github.com/yassirlaaouissi/EZEA
Started of with the PWK Learning path (https://yassirlaaouissi.github.io/mid-oscp-update.html) 
and went on to work through the public network from there.

Subnets

The PWK lab knows some subnets which can be obtained while doing the public network. Even though I like the idea of training for pivoting, I don’t see any direct value for the exam. I know it might sound stupid, but I am not gonna waste any time right now on learning the specific methods for the subnets. The subnets are very useful for the real world type of scenario’s. Though I have roughly 40 days left until my exam, and I would rather spend that time on something else.

Whats next

Well, as I’ve said, around 40 days left. I still have to do Buffer Overflows, ofcourse i’ve read the coursematerial. But lets face it, the book is kinda wack and the video’s are an audiovisual version of the book. Therefore I asked some people for recommendations, THM Buffer Overflow was recommended (https://tryhackme.com/room/bufferoverflowprep). But ofcourse, more resources are welcome. Furthermore i’ll do some “practice exams”. Which basicly means that I am going to do some machines that look like the OSCP Exam. Maybe i’ll do some work on my tool. i’ll see how it goes. To be continued……..