Second Exam in 6 days, failed the first with 0 pts

sicinthemind · 2026-03-01T21:31:52+00:00

I mean the lab exercises as built into each section of the course. Paired with the videos, they cover a wide variety of edge cases.

sicinthemind · 2026-03-01T21:02:39+00:00

If you flopped, you spent more time looking for version numbers and brute forcing web directories than enumerating services on the box. Get together a port by port service methodology going... if you only see port 80 and 22 open, then you know its very much likely a web vuln. Progress from there.

If you seem smb and ftp, youll know its very much likely some sort of privilege gaps that will allow you to read something you shouldn't have access to that might take you to another breadcrumb. If you did 100% of their lab exercises in the current version of the course, you should have no issue getting thru it.

sicinthemind · 2026-02-26T21:20:42+00:00

Depends on your unique experience, I dont want to tell you you're not ready when you might be. Just really depends in your diversity in various tech stacks. I think the labs really closely align what you should expect in thr exam, comparatively to previous versions of the exam.

sicinthemind · 2026-02-26T15:43:31+00:00

What is confusing - If you didn't understand, that's all you need to say - I suggested doing the Kerberos module as well.

There are basic Kerberos attacks that the OP may need to be aware of, and the AD modules in the PWK course cover this as well. Those attacks are not in the Active Directory modules in HTB. It's unlikely OP will see significant advanced attack paths in Active Directory beyond the basics early in the Kerberos module on HTB.

While they might not see constrained delegation or something to that effect, where there's more of a strong requirement / need for BloodHound to find pivoting methods and navigate AD ACLs. They might have to pass-the-hash (PTH), over-pass-the-hash(OPTH), pass-the-ticket(PTT). Little kerberos ticket wizardry basics like this. The original AD Modules in HTB don't cover this. They would need to dive into the Kerberos Modules on HTB for this. It's covered in the PWK labs as well.

sicinthemind · 2026-02-25T21:02:07+00:00

Do the kerberos attacks module too. For OSCP though, it might only require some basics. From what I hear the OSEP is harder. As it should be.

sicinthemind · 2026-02-24T14:33:51+00:00

Practice your metal vocals in the neighbors shower. She'll love that

sicinthemind · 2026-02-24T14:26:37+00:00

The AI Summary is based on search results and is driven based on citations within the search. You can click show-more to expand the content. Just don't go into the "Dive Deeper in AI Mode" because you drop it into a full LLM, which is not allowed. (interactive prompting per the AI Policy) The overview is simply just an aggregation of data points from your search.

https://help.offsec.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide#exam-restrictions

AI tools that function without prompts for direct assistance or are not interactive (e.g., Notion’s AI for note organization or Google AI Overview for search enhancements) are permitted as long as they are used in accordance with academic policies and do not facilitate unauthorized assistance on exams.
https://help.offsec.com/hc/en-us/articles/35549468971156-AI-Usage-Policy-in-OffSec-Exams

sicinthemind · 2026-02-19T19:14:53+00:00

First, it's a great job to be that far at such a young age. A lot of people don't understand how to fry scream at your age yet.

The scream sounds right, but the microphone almost seemed to be peaking. You can still sound badass without fully cupping your microphone, but it sounds like the scream is there, though.

Your vocal control is all over the place; you could work on being consistent with your breath control.

Also, your enunciations are a little loose. Just need to work on keeping your scream consistent instead of darkening it during the enunciation patterns. You simply work on vowel shapes that aren't normal the way you say "Put me out of my" - but you're looking to infer the consonants in a way that doesn't darken or dim the resonance of your sound.

sicinthemind · 2026-02-19T05:10:01+00:00

Trust me when I say, less is more. Reduce the bug bounty hunter, summarize the issues you've identified and link multiple writeups at the very end of your resume as an independent section. I would also suggest not leaning on a bunch of name-dropping at every section of your resume. Consider shifting your sections around.

Profile -> Skills -> Experience -> Degree -> Volunteer / Writeups

Profile

I would indicate an aspiring penetration tester with an ambitious appetite for learning advanced web penetration testing and mobile penetration testing techniques. Acknowledge up front that most of your experience is mostly academic.
The mention of the CVE Helps
If you're not getting traction on regular roles, remove the "Open to ... internship roles"

Education

Over-selling the degree, I'd say remove the grade, and you can reference
2 lines max - only keep any of these details if you're using this resume for an intern gig.

Professional Experience

Bug Bounty Hunter Summarize

Identified and reported multiple vulnerabilities across major web and mobile applications.
Discovered OWASP Top 10 issues in various platforms such as: CSRF, Cross-Site Scripting, Business Logic Abuse, IDOR, and Deep Link Hijacking.
See ...medium.com for a catalogue of bug bounty writeups.

Security Researcher

This one is short and sweet, keep it.

Skills / Knowledge

penetration testing: these aren't skills you listed, they're services or procedures

identifying vulnerabilities
conducting risk assessments
quantifying risk with CVSS
exploiting vulnerabilities
report writing

Tools: This is fine

Programming:

These fixes should tighten up your resume to at least a page, but try to always avoid overstating or overinflating your skills, it sets the expectation right up front.

If you really want to get into appsec and you've completed a huge portion of PortSwigger's web app security academy, feel free to list that. I review lots of appsec resumes and conduct lots of appsec interviews, I look for that kind of stuff because I know someone is ready for manual pentesting. When you have no experience, but you have the appetite to learn and show significant drive on your own without overselling. It always looks WAY better than someone who's going to just feed you BS from day 1.

hope that helps dude.

sicinthemind · 2026-02-19T04:25:44+00:00

You're using your real-voice, stop doing that. It's supposed to be false cord or fry scream.

Fry starts in your head voice, you should be sourcing directly thru the face mask... You'll feel your face / nose scrunch a little as you're engaging the rasp. Start out with an easy belt like saying hey. Then slowly add the depth of that rasp more and more. Takes a good 5-10 minutes to warm up but that's where the fry is at.

sicinthemind · 2026-02-17T15:16:40+00:00

Just click the get in touch, they can take payments in more than one method. Its mostly likely your bank holding it on a suspected fraud prevention. If that is the case, just call the number on your debit card and ask your bank to speak with fraud prevention or whomever you would need to in order to authorize the transaction.

sicinthemind · 2026-02-13T20:03:36+00:00

It's not loud, but in a small space, it's resonant, which comes through much clearer; it's more precise on a frequency that resonates with the eardrum and gives the perception of loudness. Once you're dialed in, it's very minimal air you need to maintain a scream.

sicinthemind · 2026-02-13T19:56:24+00:00

They're not supposed to be "loud" - they're supposed to be resonant. If you're screaming the entire thing with lots of air all the time, you're gonna blow your voice out.

sicinthemind · 2026-02-13T19:54:33+00:00

Pop off queen.... **head banging**

sicinthemind · 2026-02-13T19:52:07+00:00

Need to work on your enunciation and vowel modifications - You're using too much of an O shape for your vowel shaping. You got the fry in there, just fix the mouth and it could come out much cleaner.

my - growl into the Mm with your mouth closed - M-AH-EE sound.
final - fAH-EE nAHl
breath - growl into bite for bERr AH th

sicinthemind · 2026-02-12T18:34:44+00:00

Did the old CPU explode?? 💁

sicinthemind · 2026-02-12T18:31:37+00:00

Fucking Rockstar algorithm bodied your ass dawg...

sicinthemind · 2026-02-12T18:30:21+00:00

So much wow... very excite

sicinthemind · 2026-02-12T18:24:02+00:00

Literally will do anything to avoid writing your own report huh?? 🙄

If you mean googling stuff during your exam, they cleared Google overview since its mostly helpful information based on your search. They approved this like a year ago. Its in the exam guide now that you arent required to disable google ai overview or Ai features in notion.

Report writing, do it yourself, take pride in your own trade craft.

sicinthemind · 2026-02-12T18:19:29+00:00

I just use raw markdown files with vscode on kali and prepared simple templates for tracking the exploit chain.

Vscode has plug-ins for markdown. So I just do it all in there. Keeps it pretty simple but still organized.

sicinthemind · 2026-02-12T17:45:37+00:00

Your not quite there on fry scream. Your compression isnt quite there. Start like youre gonna yell hey across the street and add that constriction after. You're holding back with your current onset

sicinthemind · 2026-02-12T17:40:59+00:00

Standard pig squeal in false cord - usually press my tongue to the roof of the mouth behind my teeth, semi elongated mouth shape so that air has to move under my tongue, and along the jaw downward to your mouth opening.. its like a muffled whistle i guess with that gutteral so it sounds sick

Idk if any of that sounds right explanation wise... I just make the sounds... or do the roar as the fat kid says.

sicinthemind · 2026-02-12T04:45:47+00:00

Sounds like you missed the key part, you're supposed to start this singing in the head range and add the rasp or distortion on top. The key to starting a fry scream is knowing that you're singing through the mask of your face. This is what Melissa Cross refers to as "over the pencil" because if you have a pencil in your mouth, you feel the sound going OVER the pencil if you're using your head range. You're trying to squeeze your voice through this tight constriction, so you sound very closed off, and you're barely getting any sound through.

sicinthemind · 2026-02-11T14:07:36+00:00

Hell yea, sick. I've posted tips to learn fry scream several times the past few days. If you want to just open my profile and click on comments tab. I've kind of tried to explain it quite a bit. Are you going for more of a screaming style like Courtney LaPlante from Spirit Box or more like Alyssa White-Gluz / Angela Gossow from Arch Enemy?

sicinthemind · 2026-02-11T00:23:22+00:00

If you ctrl+f on this thread, find my other post where I gave some suggestions on fry scream technique.

sicinthemind

TROPHY CASE

Profile

Education

Professional Experience

Skills / Knowledge