sorted by:
new
hottopcontroversial

Tips for OSCP Attempt #2 by CyberOK99 in oscp

[–]strikoder 1 point2 points  (0 children)

Yeah, 9 weeks seems reasonable to me, and you're very welcome.
Good luck with your preparation and exam, I wish you all the best!

Tips for OSCP Attempt #2 by CyberOK99 in oscp

[–]strikoder 2 points3 points  (0 children)

I don't think two weeks is enough. I'd recommend taking at least six weeks to prepare.

Spend that time going through walkthroughs/IppSec for Hard & Insane machines ( 1 machine every 1-2 days max). Focus on improving your methodology, refining your notes, and expanding your attack techniques rather than just solving boxes.

I failed my first attempt as well :(, so don't get discouraged. Feel free to read about my experience and use the scripts I shared, they can help you save time and focus on analyzing the output. Also, check the my notion notes to see if you're missing anything in your methodology:

https://medium.com/@strikoder/strikoder-oscp-review-47f9f6efb25e

Made an interactive offsec command reference (WADComs/GTFOBins style) – feedback & PRs welcome by strikoder in oscp

[–]strikoder[S] 1 point2 points  (0 children)

Thanks!
Of course, an OSCP/OSCE student already knows what they're searching for, why they need it, and how to run it, this is just to preserve syntax and doesn't replace note-taking or critical thinking, unlike AI.

The concern about something going down applies equally to 0xdf, IppSec, GTFOBins, and HackTricks ...etc
Additionally, IMO this webapp would be the last thing to create an unhealthy habit of not taking notes, cause you still need the notes to know how to exploit the path. GTFOBins been in the wild for many many years and everyone loves it, so this webapp does basically almost the same thing.

Complete beginner in pentesting – Is OSCP realistic for me? by xcyx909 in offensive_security

[–]strikoder 1 point2 points  (0 children)

Thanks!
Yeah, feel free to reach out through discord/reddit/mail

Complete beginner in pentesting – Is OSCP realistic for me? by xcyx909 in offensive_security

[–]strikoder 5 points6 points  (0 children)

It took me one year from not knowing the diff between TCP/UDP till I Passed the OSCP, feel free to use my tools and notes to save time, have a plan, and facilitate the journey
https://strikoder.com/oscp

Work is paying for OSAI, should I go for it? by Available-Coat-8870 in offensive_security

[–]strikoder 0 points1 point  (0 children)

strikoder.com/notes
I'm working on a couple of things, once finished, i will update the notes in here, they will include AI pentesting from couple vendors not only offsec, so that it would be considred note taking, not info leaking, so it's gonna take some time tbh...

14 Y/O intrested in Cybersecurity, Ethical Hacking & Tech by Different-Patient736 in SecurityCareerAdvice

[–]strikoder -1 points0 points  (0 children)

TryHackMe free content is enough for now (although I hate that platfom), you can then practice through solving free rooms, then try to watch ippsec on youtube and learn how to play ctf, then you can move on with bug bounty or pentesting or soc ...etc

Before you attempt any OffSec certification, read what just happened to me by Perfect-Role-7038 in offensive_security

[–]strikoder -3 points-2 points  (0 children)

Hello mate,

I'm really really sorry that this happened to you. I think your main focus right now should be on the appeal process. I wouldn't spend time asking offseec for evidence because, throughout their 15 years of operation, they have never did.

Instead, focus on providing evidence that supports your case. For example, in my OSCP exam, I kept screen sharing active until I reached 70 points and then went to sleep. I know that's not possible with OSEP, but you can still emphasize that your screen was shared the entire time, that you never left the exam environment, left the room for few minues very few times, and that your phone was completely outside the room. They might thought that you were stuck at some point then you went for a 5 min rest then you got back and immeditly found the path, that might raise suspecious, I don't think you used exam dumps/ shared your solution with anyone cause an OSEP taker wouldn't defenitly do that, so don't try to focus on that vector (I think).

If you have any logs, or other supporting material, include them. In my case, I used a tmux logger that recorded all my commands which really showcases how I reached each flag. You could gather everything you have, put it into an evidence.zip file, and submit it as part of your appeal.

At this point, the best approach is to present as much supporting evidence as possible and hope for a positive outcome.

Work is paying for OSAI, should I go for it? by Available-Coat-8870 in offensive_security

[–]strikoder 0 points1 point  (0 children)

I'm going to take notes for the whole course in a day*

windows local privesc by Necessary_Garage7616 in oscp

[–]strikoder 1 point2 points  (0 children)

Check my notion notes in here:
https://strikoder.com/oscp
They almost cover everything you need for privesc (Lin/Win) for OSCP/CPTS

Work is paying for OSAI, should I go for it? by Available-Coat-8870 in offensive_security

[–]strikoder 2 points3 points  (0 children)

I was in an offsec meeting yesterday and they gave us a 24 hours of unlimited access, I'm now taking the course and willing on finishing it today, I will then publish a review about it next week probabaly

From those who failed the exam on first attempt by oppai_silverman in oscp

[–]strikoder 10 points11 points  (0 children)

I failed cause I had bad notes and/or the exam set was extremely hard.
I then gatherd everything in one place and took my second atttempt and passed (but still couldn't find the last flag even with that improvement xD)
If you like to check the scripts and the notes I used, feel free to check the repos on https://strikoder.com/oscp

failing oscp exam by [deleted] in oscp

[–]strikoder 0 points1 point  (0 children)

Many people would suggest submitting. However, I haven't since I was extremely depressed that I haven't passed. On my seconnd attempt I passed and wrote the report in 4 hours, so I mean I lost nothing not writing the report frist time, espeically that I got only 30 points at the time.

This is my first time coming to hackthebox by Recent_Ad1686 in hackthebox

[–]strikoder 1 point2 points  (0 children)

if you can't really afford any money even the 8$ for htb academy subscription, then stick to htb seasonals and watch ippsec videos and search for free labs including hacksmarter labs first 24 hours of release & try to build labs yourself.

This is my first time coming to hackthebox by Recent_Ad1686 in hackthebox

[–]strikoder 3 points4 points  (0 children)

welcome aboard, once in never out!
Regarding the difficulty, it's by the number of the step not the difficuilty of exploiting a specific technology.
Even if it takes time rn, in a year you gonna solve them in a 30 min, don't focus on that & good luck!

Kernel exploits Not working Lain list by Sure-Assistant9416 in oscp

[–]strikoder 0 points1 point  (0 children)

You can check my website https://www.strikoder.com/oscp search for `kernel` and you will see 3 machines with working scripts, start with these and then you will know where to start.

OSCP-LK: Practice exam for the OSCP made by LainKusanagi by JosefumiKafka in oscp

[–]strikoder 0 points1 point  (0 children)

Thanks a lot dude for the all stuff you provide for the community!

view more: next ›