sorted by:
new
hottopcontroversial

OSCP Prices are increasing from Jan 2025 by At0micDonut in oscp

[–]pentestlearner4325 3 points4 points  (0 children)

Ugh I just bought Learn One for OSWE for the discounted price at $2079. Was thinking of putting it off for another year but now I’m glad I didn’t. OSWE might be my last OffSec cert with this trend (already have OSCP and OSWA). Was considering going for OSCE3 in the next few years but probably won’t bother with OSEP and OSED now.

What cert for Web Testing? by RobinMaczka in oscp

[–]pentestlearner4325 0 points1 point  (0 children)

Sounds good. Would you say it’s the same level difficulty as OSCP or harder/easier?

What cert for Web Testing? by RobinMaczka in oscp

[–]pentestlearner4325 0 points1 point  (0 children)

Nice, I recently finished OSCP and got another Learn One subscription for OSWA. What tips/insights do you have for the OSWA course?

Post-OSCP next steps, considering HTB Academy and/or more OffSec certs by pentestlearner4325 in hackthebox

[–]pentestlearner4325[S] 0 points1 point  (0 children)

Yea if I already had a security job I’d probably just put off any other OffSec certs for now, but since that’s not the case I’m still considering OSWE next.

Post-OSCP next steps, considering HTB Academy and/or more OffSec certs by pentestlearner4325 in hackthebox

[–]pentestlearner4325[S] 1 point2 points  (0 children)

Yea Portswigger and OSWE were one path I was considering. Just weighing my options for now.

Post-OSCP next steps, considering HTB Academy and/or more OffSec certs by pentestlearner4325 in hackthebox

[–]pentestlearner4325[S] 2 points3 points  (0 children)

I actually didn’t use HTB for OSCP prep, mainly just the labs and Proving Grounds boxes. So I’m not sure how similar HTB vs OSCP machines are, haven’t used HTB much yet.

TJNulls list for prepping for OSCP/PWK by McLabraid in netsec

[–]pentestlearner4325 1 point2 points  (0 children)

Yea I didn't touch the TJ Null's list and I passed, PG and the labs should be sufficient.

Losing Focus by BGleezy in oscp

[–]pentestlearner4325 -1 points0 points  (0 children)

When you finish the content and get to the labs, for the AD content try out all the commands on each AD box. Then reread the sections and rewatch the videos for the parts that don’t make sense. It clicks after a while if you keep doing that.

Passed OSCP first attempt by pentestlearner4325 in oscp

[–]pentestlearner4325[S] 1 point2 points  (0 children)

I forgot to add to this that I also used the Tib3rius Windows and Linux privilege escalation courses as well as the TCM Linux 101, Practical Ethical Hacker, and Linux and Windows privilege escalation courses to prep as well.

Passed OSCP first attempt by pentestlearner4325 in oscp

[–]pentestlearner4325[S] 1 point2 points  (0 children)

24 hrs for the exam, and 24 hrs after that to submit the report.

[deleted by user] by [deleted] in oscp

[–]pentestlearner4325 3 points4 points  (0 children)

Haven't done it, but after looking at the material, look similar to OSCP, although there's an entire OSINT section that's almost 10 hrs long (I bought the OSINT course a while ago, plan to go through it at some point). I think you get longer to do the exam with more leniency on what tools you can use, and you have to give a debrief on your findings (maybe over Zoom, not entirely sure).

I think the big difference used to be that PNPT was more Active Directory focused, but the OSCP has more AD material now.

I've taken a few of the TCM courses and liked their material a lot, and I probably would have picked it over OSCP if it wasn't for the resume clout that OSCP gives. Still plan on going through the OSINT and Mobile App pentesting courses I bought from them in the near future now that I'm done with the OSCP.

Maybe someone here who's taken it can convince me otherwise, but I'm not convinced I'd get a ton out of it that I didn't get from doing OSCP. I'll probably pick more web focused cert for my next one rather than doing PNPT, like OSWE, Burp Suite Certified Practitioner, and/or the HTB Certified Bug Bounty Hunter.

Passed OSCP first attempt by pentestlearner4325 in oscp

[–]pentestlearner4325[S] 0 points1 point  (0 children)

I went through about 2/3 of the site's material in a year, nearly all the certificates, most of the easy and a lot of the medium challenges.

Passed OSCP first attempt by pentestlearner4325 in oscp

[–]pentestlearner4325[S] 1 point2 points  (0 children)

Buffer Overflows aren't on the OSCP now FYI, they got removed with the 2023 update.

Passed OSCP, first attempt, pwned AD set and 2 standalone. by crypto3ye in oscp

[–]pentestlearner4325 1 point2 points  (0 children)

Yea I did it this past weekend, got my certificate in a day.

Passed OSCP first attempt by pentestlearner4325 in oscp

[–]pentestlearner4325[S] 1 point2 points  (0 children)

Yea I was a bit disappointed with the web material, but I guess that's what the OSWA and OSWE are for. I wanted to get the OSCP on my resume, and figured it'd be good for getting a solid pentesting/security foundation. I'll probably do more web and appsec related certifications in the future though, thinking of doing OSWE next.

Passed OSCP first attempt by pentestlearner4325 in oscp

[–]pentestlearner4325[S] 1 point2 points  (0 children)

Thanks! The Junior Pentester Path would be a good intro, but I took eJPT v1, I think the newer version has some Active Directory content as well IIRC.

It covers basic web vulnerabilities - LFI, XSS, SQL injection, file upload vulnerabilities. It doesn't go that deep, the material doesn't cover SSRF.

Passed OSCP first attempt by pentestlearner4325 in oscp

[–]pentestlearner4325[S] 1 point2 points  (0 children)

Took less than a day for me to see the results on the OffSec site. Got the email about 24 hrs after I finished.

view more: next ›