The #Offsec #OSCP song #TryHarder

https://yt.oelrichsgarcia.de/watch?v=t-bgRQfeW64

Alt. link.:

https://youtu.be/t-bgRQfeW64

#nemoradio

🎙️ ✨ A new episode has been published on @ITSPmagazine

Show: Hacking Your Potential Podcast with Frankie Thomas

Episode: The OSCP, Imposter Syndrome and The Power of Community | A Conversation With Jason Watt

#podcast #OSCP #cybersecurity #ethicalhacking #pentesting #tech #technology #infosec

Enjoy, share, and subscribe!

👉 https://www.itspmagazine.com/hacking-your-potential-podcast

Καλημέρα <3 and happy new week to everyone :) I hope everyone's week gets off to a good start and that we all have a productive week. Any big plans or exciting projects you're starting this week?

On my end, I'm still on holiday from work for my move so working on studying for my #OSCP mostly. Doing ALLLL the boxes. Is that perhaps content folks would be interested in seeing? We could do some TryHackMe or HackTheBox or something similar on stream :)

Best of Active Directory Enumeration

🔹RPC Client: https://www.hackingarticles.in/active-directory-enumeration-rpcclient/

🔹BloodHound: https://www.hackingarticles.in/active-directory-enumeration-bloodhound/

🔹PowerView: https://www.hackingarticles.in/active-directory-enumeration-powerview/

🔹 Active Directory Enumeration: https://www.hackingarticles.in/empire-for-pentester-active-directory-enumeration/

#infosec #cybersecurity #pentesting #oscp #cheatsheet #informationsecurity #hacking #cissp #redteam #ActiveDirectory

OMFG, the whole #offsec #oscp stuff is such a shitshow. They recently revamped the course material and their "learning platform". This removed the possibility to start any challenge from a browser that is not in their VPN, meaning I need to run my Kali VM with graphics *just in order to have a browser open to click the "start challenge" button*. All in all it's completely ridiculous that everything is so Kali focused and just about running the right script. It's just a cert "how to become a script kiddie".

A complete sham and I cannot understand how this cert holds any real value. With the most recent update they even removed buffer overflow exploitation techniques, now it's really only scanning for known vulnerabilities and misconfigurations. That's no "attacker mindset". It's just boring keeping track of known vulns and exploiting them. There's *no worth* in that at all.

Of course, 90% of the market is not looking for "new vulns" but about looking for misconfigurations. But these aren't properly addressed by pentests anyway, but by actual proper security operations. This is a general misconception anyway: Some companies even think pentests make them more secure. Slightly less worse, they think that pentests evaluate the security of their product. Not completely wrong, but...

RT hackinarticles: Pic of the Day

#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #cybersecuritytips

This weekend I ran eight miles and rooted four Proving Grounds Windows machines at Offsec. I'd like to thank the developers of the following: PrintSpoofer, winPEAS, zaproxy, autorecon, obsidian, msfvenom, nmap, book.hacktricks.xyz. The list goes on an on. I apologize to the hundreds of tools and developers I've left out. 🙂

Tools like these and amazing networks of knowledge allow us to test and harden our enterprise networks/environments. Testing with these tools makes it less easy for nefarious actors to take orgs down because we can remove some of the dumb attack surface that merely require web searches, nmap scans, and simple exploit database scripts to leverage.

Keep up the great work everyone! #infosec #oscp #pentesting #learning

So #OSCP is apparently very keen on inn activity. Where do I find the next pub? :-D

💠 Top OSCP Resources: Links to Help You Prepare for Your Penetration Testing Journey By
@HYDRA3301

https://hacklido.com/blog/331-top-oscp-resources-links-to-help-you-prepare-for-your-penetration-testing-journey

#cybersec #oscp #infosec #hacking #pentesting #ethicalhacking #infosec

I feel like spending 4 days on fixing, cleaning up, and properly versioning Python scripts *after* already having pwned the machine is not the right way to do #OSCP.

Use coupon code TWITTER to get 25% off my courses at my new platform or @Hackers_Academy:

https://t.co/netGhatzhw
https://t.co/bJbzgzwJBK

Or use coupon code MAR2023 on Udemy:

https://t.co/Yhwcj3iMEc
https://t.co/7r95cH5meS

#OSCP #InfoSec #CyberSecurity Please share!

El lado del mal - Máster de Seguridad Ofensiva y Certificación Offensive Security OSCP para ser un Pentester https://www.elladodelmal.com/2023/03/master-de-seguridad-ofensiva-y.html #Ciberseguridad #CampusCiberseg #Hacking #Pentest #Pentester #OSCP #OffensiveSecurity #RedTeam

I’ve finally hit the meat of PWK. Finished 5 chapters of Linux-fu, and course admin. Learned a decent amount of new Linux-fu though. Which was also pretty exciting. Onwards to the actual enumeration and hacking portion of the course!

#oscp #hacking

RT @hackinarticles
Pic of the Day

#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #cybersecuritytips

This evening I got some satisfaction from rooting an OSCP Proving Grounds box and afterward discovering that I used a method not in the write-up. Was something that I'd read somewhere and BOOM! (It worked.) I've spent over 300 hours in the OSCP training environment to-date. Even if I never pass the exam, my knowledge has grown tremendously in this space over the last few months. #OSCP #infosec #pentesting #learning

#oscp #hacking #pentesting

Nachdem die #ECES Zertifizierung keine wirkliche #Challenge war, suche ich nach einer neuen Herausforderung, bevor ich den #OSCP mache! Habt ihr irgendwelche Ideen? Nein, der #CEH ist keine Option, da er ähnlich "funktioniert" wie der Certified Encryption Specialist.

Just installed Winamp yesterday. Yes, I'm "this" old. 🫣
---
RT @hackinarticles
Pic of the Day

#infosec #cybersecurity #cybersecuritytips #pentesting #oscp #redteam #informationsecurity #cissp #cybersecuritytips
https://twitter.com/hackinarticles/status/1629358865870643200

HIRING: Cyber Security Expert / Paris, Germany https://infosec-jobs.com/J25097/ #InfoSec #InfoSecJobs #Cybersecurity #jobsearch #hiringnow #CyberCareers #Paris #Germany #AWS #CEH #CERT #Cloud #EDR #Firewalls #GIAC #IAM #Incidentresponse #MITREATTCK #Monitoring #OSCP #Pentesting

Just finished a Proving Grounds box. Here was my comment: "Holy Cow! This sucker took years off my life. I spent over 15 hours on it and still had to wave the white flag and take the write-up-to-root attack vector. I did learn a lot. But was Satan's idea of intermediate." Took a look at the community rating "Very Hard." Welp, I agree. #oscp #provingGrounds #infosec