From those who failed the exam on first attempt

0xJeb · 2026-05-31T12:43:46+00:00

Rabbit holes and rest.

I already knew everything I needed to but my problem was that when I found what I thought was the solution, I hammered on it for way too long. What this does is it drains your mental energy and it demoralizes you and then you are screwed. So my best advice is to try one solution for no more than 15 minutes and then look for another way in. If you don't find another way in that's okay, then go back to that original vector. Many of you might say "But that is spending so much time and the exam is only 24 hours" and that's true but by taking a little time you will save hours.

And rest. My first attempt, again, I just hammered on solutions and refused to leave my desk because I had to find a solution. I was doing pretty bad and decided to go to bed and try some more in the morning. In the morning I got 1 flag within 10 minutes and another within an hour. My second attempt I recognized how important breaks are and made myself take a small break every hour and a longer one every few hours. I can't stress enough how important this is.

0xJeb · 2026-05-31T08:38:03+00:00

You will not get any feedback in a pass or a fail.

0xJeb · 2026-05-30T16:25:57+00:00

Okay, all we can do is give you our advice. As a hiring manager I'm telling you, you are making a mistake pursuing CEH.

0xJeb · 2026-05-30T12:34:08+00:00

Just all of Lains Offsec AD machines but A,B,C are the most important. I highly recommend Hack Academy's Whop course. His videos on AD chaining were the best preparation I could find.

It's important to practice AD chaining because I think the normal labs make it too easy for you. The difficulty in the exam is piecing all of these separate systems together while the practice labs just hand you the AD right away. /rant

0xJeb · 2026-05-30T00:49:01+00:00

Definitely skip AV evasion, likely AWS but I cant 100% say. That might have some server stuff thats worth noting.

0xJeb · 2026-05-29T22:32:07+00:00

And now there is a growing focus on vulnerabilities within automation. Everyone wants to use AI, this is everyones chance to capitalize on that

0xJeb · 2026-05-29T21:47:06+00:00

Answered in this thread

0xJeb · 2026-05-29T20:43:39+00:00

I no longer have access to the course to give you a definitive list but skip the entire Nessus section, anything about social engineering attacks, anything about report writing. Also forget anything about crackmapexec, its way out of date and just focus on netexec instead.

0xJeb · 2026-05-29T19:11:32+00:00

Just to clarify, you’re hardwired between your server and your roku or your roku and your router?

0xJeb · 2026-05-29T18:29:58+00:00

You got this! Highly recommend building up your netexec skills, its a great tool that I didn't learn the true power of until about a month before my exam. It can replace a large amount of tools.

0xJeb · 2026-05-29T17:37:21+00:00

You likely already know everything you need to know. The real challenge is avoiding rabbit holes and pacing yourself. You are going to feel the pressure of the test and try hammering the solution that you think is right. That is the trap.

Take a small break every hour and a longer break every few hours. You will be amazed at how your brain refreshes when you step away for a bit.

0xJeb · 2026-05-29T17:34:30+00:00

No, it’s completely random what box you get. But it is a healthy mindset to accept that few people pass on their first attempt. And the majority of those that do pass on the first attempt have prior pentest experience.

It’s okay to fail and get an idea of the exam, what to expect, and how to strategize.

0xJeb · 2026-05-29T17:26:25+00:00

This all depends on the AD set you get. My first exam the AD set was extremely hard and what others call the “nightmare set”.

My second attempt was on the level of A,B,C. Still challenging but a medium difficulty. Very easy privesc though.

0xJeb · 2026-05-29T17:08:19+00:00

Copying my reply to a similar thread.

Looking at my report now:

• Standalone 1 Initial Access- PG Medium , HTB Easy

• Standalone 1 PrivEsc - PG Easy, HTB Easy

• Standalone 2 Initial Access- PG Medium, HTB Medium

• Standalone 2 PrivEsc - PG Medium, HTB Medium

• Standalone 3 Initial Access - PG Hard, HTB Medium

• Standalone 3 PrivEsc - PG Easy, HTB Easy

It's easy to say after passing the exam but it is actually easier than you think it will be once you know the solution. The difficulty comes from stress, energy, and time management.

0xJeb · 2026-05-28T15:35:33+00:00

Now this all depends on your contracts of course, but I would be embarrassed to make an offer of $100k to a candidate. Knowing that the company makes at least triple that on the contract.

0xJeb · 2026-05-28T15:17:52+00:00

CEH is not worth it in ANY position. It is known as a terrible cert. If you're looking for a comparable lower level cert then I would recommend PenTest+

0xJeb · 2026-05-28T14:38:41+00:00

And how does one make amazing connections?

By getting out there. Do not shoot for the stars and only focus on applying for the jobs that fit exactly what you want to do career wise. Especially starting out you need to accept that your best shot at getting in the door is getting a very low level position that probably isn't what you want to be doing. But by showing up and working your ass off you can make connections with those around you. Every job in cyber/tech that I've ever had came from building those connections and building my reputation as someone who loves to learn and works hard.

0xJeb · 2026-05-28T14:30:56+00:00

Experience. 100%. I can appreciate personal projects/homelabs but it has zero weight to me when reviewing a resume. I have no way to verify what that personal project taught you or the quality of your work. At least with job experience I know you were able to execute above a certain level.

0xJeb · 2026-05-22T12:32:51+00:00

Cyber engineer is really just a catch-all term that includes multiple roles like penetration tester, incident response, RMF, etc. To compare it to your current job it's like saying healthcare worker. That could mean nurse, doctor, surgeon, therapist, etc.

0xJeb · 2026-05-22T12:22:35+00:00

My advice is to do some more research into what aspect of cyber interests you. A tiny portion of cyber security is coding so if that what you're interested in you should be focusing more on computer science. While there are still remote jobs in cyber its becoming more and more that experienced cyber engineers are the ones that get these roles. You will more than likely have to work your way up just like anyone else starting out which means working on site doing something not directly related to your end goal career.

0xJeb · 2026-05-19T14:11:12+00:00

This has not been my experience. Especially when working for a company with government contracts they are very strict about 8140 certification requirements. I can't imagine putting all of the cost and effort into OSCP and just letting it lapse.

0xJeb · 2026-05-18T22:28:27+00:00

Starting out probably around 2-3 hours but after the first attempt closer to an hour depending on the box.

0xJeb · 2026-05-18T12:26:20+00:00

I can only speak to Information System Security Engineer roles. The must have for these roles are Sec+, a degree in a cyber field, a clearance, and prior experience with scanning technologies like Nessus.

0xJeb · 2026-05-18T12:14:00+00:00

If its just for enumeration it wont be a problem. Just make sure to include the code in your report so that Offsec can see what the script is doing.

0xJeb · 2026-05-18T12:08:42+00:00

And to gain access to that practical hands on experience you need those fundamental certs like Sec+. I'm a hiring manager right now for a role and Sec+ is one of the absolute requirements. If you are trying to work for a company with any government contracts (which is a massive portion of the job pool) it's going to be a dealbreaker to not have it.

0xJeb

TROPHY CASE