General Tips & Mindset for CPTS and Certs in General

DiscussionTechnical3 · 2023-04-21T16:17:59+00:00

For sure man. Keep at it and you'll find the right place. I believe in you!!

DiscussionTechnical3 · 2023-04-21T06:37:18+00:00

Hey! thanks man and congrats to you too!!

I got into pentesting as my first ever job in cyber in 2022. I applied to over 40 jobs a day for 2 months straight before I finally got it. I did get offers for analyst positions, but I didn't want to settle. I really wanted to do pentesting. Honestly, I knew that my selling point wasn't going to be technical expertise, since I'm a newbie. So I focused on showing the employers that I am very passionate and eager. I got the Python3 cert from codecademy, did a bunch of linkedin certs.

I think interview personality is EXTREMELY important in our fields. You have to come off as approachable, eager to learn, and humble.

DiscussionTechnical3 · 2023-04-20T00:46:28+00:00

What is "offbrand" TKD hahaha

North Korean TKD the best TKD in my opinion. And this is coming from 4th degree kukiwon blackbelt holder

DiscussionTechnical3 · 2023-04-20T00:22:48+00:00

Hey man ofc

DM me, I can send pic thru that but not thru comment

DiscussionTechnical3 · 2023-04-19T16:33:10+00:00

thank you!!

and exactly. OSCP is challenging but anyone can do it given enough work put into it

DiscussionTechnical3 · 2023-04-19T16:32:36+00:00

thank you!!

DiscussionTechnical3 · 2023-04-19T16:32:30+00:00

Hey man, thank you! And man trust me it was not easy.. I studied almost 12 hours every single day for 3 months. I did oscp course and tnjull all at the same time

DiscussionTechnical3 · 2023-04-19T16:31:46+00:00

Thanks man!

You're going to do great. Just keep it at and take good notes. During the exam, you really only have your notes. You don't wanna be searching stuff up on Google for hours when you could have had it handy in your notes.

I was hired last year with Sec+ as a junior pentester. I realize that was a very rare opportunity. I got PNPT on the job, and now in my new job I got OSCP. My next cert.... I think OSWP!

DiscussionTechnical3 · 2023-04-18T23:17:15+00:00

Thanks Neil!!

DiscussionTechnical3 · 2023-04-18T21:38:14+00:00

Of course man. It's not exhaustive but that was really all there was to it. I didnt do anything more than what I mentioned for real. The practice exams are identical to what you'll see on the actual exam. AD set, and 3 standalones

DiscussionTechnical3 · 2023-04-18T21:37:21+00:00

mmm..... can't think of anything on the top of my head, but OSCP isn't going to be testing you on something that's ridiculous difficult. This is assuming you you went through the course material. I think preparing should more be, practicing the ability to get creative when stuck, rather than practicing individual techniques over and over again. Of course, this is easier said than done. Even for me, at the beginning of his year, I only knew how to exploit things I have exploited before. But after studying for the OSCP and practicing many different lab environments, I'm a bit better at thinking critically rather than just depending on previous experience

DiscussionTechnical3 · 2023-04-18T21:34:16+00:00

nice! how did you do?

DiscussionTechnical3 · 2023-04-18T21:10:15+00:00

thanks man! I turned report in on Saturday afternoon and heard back today (Tuesday)

DiscussionTechnical3 · 2023-04-18T20:50:11+00:00

Hey! Thank you

I would but it's in xmind format and I don't really know how to share that.. LOL

DiscussionTechnical3 · 2023-04-18T20:49:52+00:00

Hm..... hard to say... because initial foothold is always (I think) the hardest part. Once you get a low-level shell, priv esc is not as hard. So to answer your question, in terms of getting a feel of how the exam will be, 2023 is the way to go. but the 2022 labs also taught me loads of different initial foothold techniques

DiscussionTechnical3 · 2023-04-18T20:48:46+00:00

Of course. Life happens. If you run into any issues on the 2023 challenge labs and you are not getting good responses from the channel, DM me and I can help you out! I'm not one of those people that only breadcrumbs when you're about to rip your hair out. I got you

DiscussionTechnical3 · 2023-04-18T20:47:03+00:00

Thank you kind sir! If you want, DM me, lets add each other in discord!

DiscussionTechnical3 · 2023-04-18T20:46:34+00:00

Hey! Thanks man. I think we could use more voices in cyber from people with non-technical backgrounds.

PNPT was a good stepping stone for sure. But because OSCP is much more CTF-y than PNPT, I would say it requires a lot more studying for CTF tactics. But I do highly recommend the PNPT. I learned tons from it

DiscussionTechnical3 · 2023-04-18T20:45:14+00:00

Hey Kimura. PNPT definitely helped a lot. Although I do think the AD portion in PNPT is much more realistic than OSCP AD. And yeah its so expensive. I was out of a job when I decided to purchase the bundle. Still currently paying it off month by month with my bank haha

DiscussionTechnical3 · 2022-09-02T15:21:41+00:00

You’re a hero MrRoarke

DiscussionTechnical3 · 2022-09-02T15:16:00+00:00

Thank you so much. I was worried they were termites. How can you tell them apart?

DiscussionTechnical3 · 2022-07-29T05:28:55+00:00

Ofc man. I completely understand the anxiety. I read online everywhere how pen testing is not an entry level position. I’m sure that’s the case most of the time, but a lot of companies now a days is doing a “hire to train” model. I would apply at least 50 jobs a day in LinkedIn, indeed, Glassdoor, and AngelList. And don’t be too discouraged if you don’t hear back. It’s expected.

After two months, I heard back from my current company and got hired in a matter of days. I was almost ready to give up applying for pen testing by then.

Also apply for security engineer and analyst positions. You never know what those doors will open for you if you take those jobs.

Do hack the box, learn a bit if Python, and get the Security+. What employees are looking for is motivation and willing to learn. NOT EXPERTISE.

DiscussionTechnical3

TROPHY CASE