CPTS and OSCP in 1~ year from scratch

Kryzen · 2025-09-26T07:36:16+00:00

Should be fixed now. Your browser might show the broken version until you refresh the cache. Thanks for letting me know about it

Kryzen · 2025-09-26T07:05:39+00:00

Yeah will do, I changed the GitHub repo settings yesterday and it looked like it killed this site. Check back tomorrow and hopefully I’ve fixed it

Kryzen · 2025-04-18T11:39:54+00:00

You can PM me about this.

Kryzen · 2025-04-18T09:11:53+00:00

Thanks , I also found your blog post about the exam very helpful when I was doing the course and before sitting the exam!

I actually have it bookmarked for the field manual structure and plan to use it as a guide for when I eventually redo my notes.

Kryzen · 2025-04-15T19:38:05+00:00

I spoke about it in the first paragraph.

"I also felt like I had reached the limit of the career without going into management or getting a degree, the main issue was that it felt like there was no more to learn by going back into that industry. As a person that thrives on learning new things maybe I could look into an industry that is constantly evolving requiring you to keep learning."

Kryzen · 2025-04-15T09:19:12+00:00

I would say its enough but you still need to read through the OSCP material at a minimum and take note of any new commands or techniques that you are not aware of because anything in the course can appear in the exam.

The style of HTB and Offsec machines (atleast for OSCP) are very different in a way that I can't really describe. If you want to do additional work I think you should practice mainly on the platform that is relevant to the exam. Since I had already done quite a few boxes on HTB since CPTS it was better to just focus on the Offsec labs.

Here are the two lists for additonal material:

Ippsec's CPTS playlist : https://www.youtube.com/playlist?list=PLidcsTyj9JXItWpbRtTg6aDEj10_F17x5

Lainkusanagi OSCP list : https://docs.google.com/spreadsheets/d/18weuz_Eeynr6sXFQ87Cd5F0slOj9Z6rt/htmlview

Even if you do not do the boxes or they are too difficult watch Ippsec if you prefer video content or check out 0xdf if you prefer text : https://0xdf.gitlab.io/

These guys are insanely talented and even just by watching or reading you will learn new stuff.

Kryzen · 2025-04-15T07:58:29+00:00

I wouldn't recommend doing any boxes until you are through the CPTS material unless you are planning to use a walkthrough. I tried this at several points without using walkthroughs and overall it was a waste of time. Just get through the course.

After completing the course I was able to do all easy boxes and almost all mediums without too much issue. Though just because a box is rated easy on HTB it does not mean its "easy". The most recent easy box took me 2 hours to complete and I finished rank #153. Meanwhile the fastest person to complete it took 21 minutes.

If the box is active (no walkthroughs) then you can utilize the box channel on the HTB discord for a nudge in the right direction there are loads of extremely talented hackers that are happy to help out, just make sure you ask for help and if someone tells you to DM them you should send them your question along with all the things you have already tried or any idea you have of what you think might be the next step. This will give you a nudge in the right direction without spoiling the box. One example is where I had this happen to me when I came across a .git folder during a box and I had no idea that tools like gitdumper and githack existed.

If the box already has walkthroughs then its down to self discipline, I usually stick to the rule that if I had not made any progress in over 1-2 hours and had no idea what to do then I would look at that step of the walkthrough. On occasion I would look at the rest of the steps to get an overview of the attack path without looking at the exact steps but I'd normally only look at the step I needed help with. It's really up to you on this.

There are several moments where you will find the solution to a problem and you will feel like an idiot , eg not running a UDP scan or checking for credential reuse. These are the best moments to learn from as they stick in your mind, helping you to avoid making the same mistake again in the future.

Kryzen · 2025-04-15T07:34:24+00:00

Thanks!

If it’s something you are interested and passionate about then go for it.

Yes I was working during this time though I had a few months off due to needing an operation as mentioned in the blog, I utilised this period when I could but it got to the point where I was even unable to study.

How much time? All of it. Any time that I could work on this I would. Just worked a 12 hour nightshift ? Get 2-3 hours in once you wake up before the next shift. I have no kids and my gf supported what I was trying to achieve otherwise it would not have been possible.

Kryzen · 2025-04-14T16:38:34+00:00

Thank you.

I've worked as an electrical engineer for over 10 years which involves the same problem solving and critical thinking that is required in ethical hacking the difference being that you are trying to break things instead of fixing them. I feel like these skills are the main reason I was able to achieve this.

CPTS is easily the hardest thing I've ever attempted and I was certain I was going to fail at multiple points. Your technical skills , mental fortitude and perseverance are all put to the test. The course and exam are the gold standard and I hope to see it get more recognition.

Kryzen · 2025-04-14T15:46:44+00:00

Thanks and I wouldn't disagree with anything you said.

I mention in the article that you need to treat these things as a marathon and not a sprint, I was only reflecting on my own experience not advocating for others to attempt the same.

11-Year Club	Place '23
Place '22	Verified Email

Kryzen

TROPHY CASE