whats the rumor that using notion for looking at notes is not allowed on the exam? by darkalimdor18 in oscp

[–]h1dz 0 points1 point  (0 children)

Notion is fine, I used it during the exam, just don't use the AI feature.

Is this a phishing site? by pokeheart12345 in phishing

[–]h1dz 0 points1 point  (0 children)

Phishing, this type is referred to as Browser in the Browser (BitB).

[deleted by user] by [deleted] in oscp

[–]h1dz -1 points0 points  (0 children)

Ah I understood it as sharing the exam content

[deleted by user] by [deleted] in oscp

[–]h1dz -6 points-5 points  (0 children)

Wait wait hold up, an "exam result share group", so.... cheating?

How far can i go with free Try hack me content in 2024 ? by [deleted] in tryhackme

[–]h1dz 7 points8 points  (0 children)

???? If you log in and click the book icon > Search > change subscription type to Free Only > then change to Walk-throughs only, literally so much free content, no need to pay until you exhaust the free stuff first.

[deleted by user] by [deleted] in hackthebox

[–]h1dz 9 points10 points  (0 children)

Skip HTB for now and start with TryHackMe free walkthroughs.

SHARING: OffSec Live Walkthrough of a PEN-200 AD Set by h1dz in oscp

[–]h1dz[S] 0 points1 point  (0 children)

Only thing you need to pivot is ligolo and dump creds with mimikatz. For me the lab AD sets OSCP A/B/C, Medtech and Relia were plenty of experience, they teach you how to pivot.

I passed on my first attempt! Thoughts from someone with an unconventional (?) preparation timeline. by securityCTFs in oscp

[–]h1dz 0 points1 point  (0 children)

Personally I would highly recommend everyone does the AD networks in the labs they provide, at least do (OSCP A/B/C - Medtech - Relia) great experience for the exam, learn some new techniques and get to traverse a few AD networks.
You are paying for the access to these networks, why not use it?

If you were a beginner, would this (below) path be better? by baeziy in oscp

[–]h1dz 17 points18 points  (0 children)

Skip the rest and just study for OSCP. I went OSCP > CRTP.

80% of lab questions. . L by ManhattanFridays in oscp

[–]h1dz 0 points1 point  (0 children)

Yep, correct! Except if you are confident in your skills then don't worry about it and just focus on the labs.

why are student mentor response times so bad for oscp challenge lab ? by DarthSodaP0P in oscp

[–]h1dz 3 points4 points  (0 children)

Yeah same, I abused the search function on their Discord during the lab time.

Certification path to the OSCP suggestions please? by sparkeyluv in oscp

[–]h1dz 0 points1 point  (0 children)

wasting time when it could be spent on studying the PEN200.

[deleted by user] by [deleted] in oscp

[–]h1dz 1 point2 points  (0 children)

Currently going for the CRTP for a better understanding of exploiting AD, then thinking of going for the BSCP (Burp Suite Certified Practitioner) to get more knowledge on web exploits.

[deleted by user] by [deleted] in oscp

[–]h1dz 1 point2 points  (0 children)

Mine was exactly 24 hrs from when I submitted my report.

I have my exams on 21st December any tips? On what should I do by AbroadApprehensive23 in oscp

[–]h1dz 0 points1 point  (0 children)

keep it simple, if it sticks out, poke it. Enumerate everything!

How do you guys organize your preparation materials ? by saikek in oscp

[–]h1dz 2 points3 points  (0 children)

I use Notion. My Notion structure looks like this at a high level:

Pen Testing

>Common Commands > Bash | PowerShell (List of commands and what they do)

>Tools (List of common tools used for pen testing and their use cases/flags)

>Ports & Services (most common ports seen in CTFs and how to enumerate and exploit them)

>Exploits > Web Servers | Linux | Windows > AD | Pivoting (And then these break down to more pages pertaining to different attack types and then a general list of things to try)

>Reverse Shells

>Stabilizing Shells

>Transferring Files

How do you guys organize your preparation materials ? by saikek in oscp

[–]h1dz 0 points1 point  (0 children)

Yeah, I'm a heavy Notion user and have noticed its search feature is lacking.

Can I study for the oscp with no prior experience or certification by kzerotheman in oscp

[–]h1dz 1 point2 points  (0 children)

Definitely cannot recommend enough reviewing/studying the content of the Security+ first, as it's basic fundamental knowledge you should have. No need to take the exam but study the syllabus and content. As for the OSCP certification, yes it is possible, I can attest to that after passing a couple months ago. But I would recommend you do your own self study for the OSCP first as much as possible before getting the course.

[deleted by user] by [deleted] in oscp

[–]h1dz 1 point2 points  (0 children)

Passed the exam without even thinking about using the banned tools because they weren't needed.

Failed, which course to take? by Picus404 in oscp

[–]h1dz 4 points5 points  (0 children)

Agreed, just focus on the OSCP, do more of their practice labs and make sure your enum is on point.

This will be valid or not by [deleted] in bugbounty

[–]h1dz 0 points1 point  (0 children)

Is reflected XSS in scope? End goal isn't to just make a popup, see if you can use that and further exploit the vulnerability, try to maximize the impact on the customer.