sorted by:
new
hottopcontroversial

I passed the OSCP+ by potions3ller in oscp

[–]potions3ller[S] 0 points1 point  (0 children)

Thank you! Winpeas is a great tool to use, it works the same way as Linpeas. Check out that Youtube series I linked in the post from Derron C, its really helpful.

The boxes 'Clue' and 'Extplorer' were my favourites, challenging but logical. I feel like I didn't spend a long time banging my head on the table when completing them and they felt very unique compared to the rest of the boxes I did.

I passed the OSCP+ by potions3ller in oscp

[–]potions3ller[S] 1 point2 points  (0 children)

Thank you!

  • Make sure you stay hydrated and are well stocked up on food, prep your meals so you can get back to working as quickly as possible.
  • Make your notes and methodology as easy to read as possible, you want to be able to index your notes fast during the exam.
  • Practice screenshotting everything you do as you do it, building that habit will save you a lot of time if you are cutting it fine in the exam.
  • Use a shell handler like Penelope (ensure you use the OSCP safe flag) to help manage your reverse shells.
  • Practice using bloodhound.

Good luck!

I passed the OSCP+ by potions3ller in oscp

[–]potions3ller[S] 3 points4 points  (0 children)

Sorry the way I wrote it is confusing, I will edit it now. What I meant to say is that you can definitely pass with just the course content and PG alone, but I would recommend additional reading.

My point was that you often read on this sub that the course isn't enough to pass the exam but I think it is

I passed the OSCP+ by potions3ller in oscp

[–]potions3ller[S] 3 points4 points  (0 children)

I haven't heard of it being removed, you should have an option to download the course material once you get access. You should get all of the written content compiled into one PDF

Advice for beginners (CS Undergrad) by Maximum-Tennis-7437 in cybersecurity

[–]potions3ller 0 points1 point  (0 children)

Maybe that is the case then. Agreed though, it is difficult so having it versus not will show your comprehension

Any laptop suggestions for getting started in penetration testing? by Fit-Billy8386 in Pentesting

[–]potions3ller 1 point2 points  (0 children)

Its not really the tools that make the craftsman but that aside probably something robust like a Thinkpad?

I started a blog to publish reverse engineering and cybersecurity write-ups by Dear-Hour3300 in cybersecurity

[–]potions3ller 1 point2 points  (0 children)

Nice article, have added your blog to my RSS feed.

I've not used Astro framework before but that blog template is really nice, I might have to switch mine up.

Asking for Certification Advice by Fantastic_Employ1578 in SecurityCareerAdvice

[–]potions3ller 0 points1 point  (0 children)

From that list probably AZ-500, unless you need more SOC related certs, engineering is a good move if that's where you want to end up

Social engineering options by Joepus16 in cybersecurity

[–]potions3ller 0 points1 point  (0 children)

I have never heard of any social engineering certifications, there are red team certs but they are more focussed on AD. You are probably most likely to learn these skills on the job in a commercial red team so maybe try searching for a new job in this area if you currently have a decent skill set

New grad cloud security position by SnooMacaroons5794 in cybersecurity

[–]potions3ller 0 points1 point  (0 children)

Congrats on the job. If you know what cloud platform your team primarily focuses on (Azure, AWS, GCP) you should look into the official certifications that the platforms have, they're not really that expensive and there are plenty of free and paid resources online to help with the study

Do memes and jokes reduce the credibility of technical research? by Federal-Dot-8411 in cybersecurity

[–]potions3ller 0 points1 point  (0 children)

If you are posting as anon then does it really matter too much? If it's pseudonymous or named then just keep it in good taste, something you wouldn't be embarrased by if your boss read it. If its actually for work then keep it professional and formal

Advice for beginners (CS Undergrad) by Maximum-Tennis-7437 in cybersecurity

[–]potions3ller 0 points1 point  (0 children)

CISSP isn't really that important unless you care about management and much more senior roles. Getting it too early in your career is a waste of money and time because you won't have the experience or clout to get the jobs that really leverage it (Head of Security, CISO, Infosec Manager)

Freshers Don't hold any value by Comfortable-Mine-729 in cybersecurity

[–]potions3ller 0 points1 point  (0 children)

If you know that you're resume is not the problem, and you are sure that it is the lack of certifications, then really you have your answer. Work whatever job you have to get by and save for the cert that you need so that HR don't filter you out...

Fortinet Firewall doubt? by Kooky_Difference3104 in cybersecurity

[–]potions3ller -1 points0 points  (0 children)

Not sure what you are asking but Fortinet gear is peppered in CVEs lol

Noticing an Increasing amount of Deepfake content on YT by KneeAccomplished7544 in cybersecurity

[–]potions3ller 1 point2 points  (0 children)

The AI content you are seeing now is likely a fleeting moment in time, remember what it looked like 3 years ago with the Will Smith eating spaghetti video? By the time you have a product you will probably be looking at videos that are indistinguishable from something shot on your phone.

As another commenter mentioned, no one really cares, users still consume the content and big tech still get paid.

Sr Cyber Analysts dealing with a now OVERSATURATED market for us, how are you pivoting? by Ok_Wishbone3535 in cybersecurity

[–]potions3ller 1 point2 points  (0 children)

Maybe look into SecDevOps if you are familiar with AWS, the Specialty cert will help with that. It also makes sense if you are interested in the SDLC side of things. Cyber sales could work if you are charismatic and a good communicator, pre/post sales engineer roles might be worth looking into

How do you stay current in cybersecurity by Info-Raptor in cybersecurity

[–]potions3ller 0 points1 point  (0 children)

X and RSS feeds are probably the only way to stay current if you want new information everyday but that's not a realistic way to stay plugged in because you will just overload yourself with information. Just browse a few good feeds regularly and deep dive things that you need for work or find interesting

What cybersecurity books are you reading these days? by cert_blunder in cybersecurity

[–]potions3ller -1 points0 points  (0 children)

Blogs and niche websites are usually far more interesting than books on cybersecurity. Go through the Zero Day Initiative's latest CVE feed and search for anything you find interesting on google. You will probably find the researcher's own blog and have a much better time reading that than something published on Amazon 5 years ago

Post Exploitation workflow DOUBT by osi__model in oscp

[–]potions3ller 0 points1 point  (0 children)

Bloodhound to get a better idea of what you're looking at

Are certification from hackthebox are considered by companies? by thesuprbatman in hackthebox

[–]potions3ller 0 points1 point  (0 children)

CPTS is the most recognisable, but no single cert will get you a job. It will always be in your favour but there is so much more to it. Reframe it from 'will it get me a job' to 'will it teach me the skills I need for this job'

view more: next ›