EH-Net

Namaste.

I have just registered for the PWB course and am waiting to hear back from the team.
I had attempted this course earlier, but failed to connect to the lab, so am trying again.

Will try to share my experience as much as possible.

I hope to take it again in the future. I don't know about anyone else, but working night shift full-time and going to school full-time really killed my ability to finish PWB. I highly recommend you set aside enough time to dedicate to the course before shelling out the money. There are a lot of puzzles to solve, so sitting down for 30 minutes here and there just will not cut it. I loved the material and learned a lot, but wish I had realized the commitment level before going in. Good luck!!

Thanks Cashiuus. I do have some experience in PT work, so hoping the course will help me learn more and not be too taxing at the same time.

It has been more than 24 hours since I re-registered. Waiting patiently.

goodluck dbest! try to put as many hours into the lab as you can, it will only help you gain more knowledge and skills, however, make sure you work through the course materials first. keep us posted!

thanks jordy.

Just waiting to hear back from them. it's been 2 days now!

Looking forward to hearing about your experience.  I finished C|EH and CPT this year and found myself going "what can I do with this?"  I'm thinking about trying the OSCP later this year to see what I can pick up.

I as well plan on taking this class, good luck.

I have completed my C|EH and always wanted to do the OSCP. It seems more exciting.


Good luck to you as well.

I am still waiting to hear back from the team. Should I re-register? Been approximately 4 days.

It shouldn't take that long. Jump on their IRC and ask an admin. Channel is #offsec

-C

Depends, did he provide a non-free email address that they can check? sometimes the background check takes a little longer due to certain factors (country of origin etc.) but still, hop on IRC and tackle an admin, good luck!

Good luck.  I am not even going to attempt this until fall/winter.  Too many distractions during the summer.

sorted by mailing them.
Now I am testing the connectivity to the lab. The last time I faced an issue with this and hence did not go through with the course.
Fingers crossed!

Test lab connectivity was sucessful.
I will begin the course on 10th of July.

good luck dbest.

Thanks Chrisj. I will try to update you guys as much as possible.

The course begins tomorrow.  ;D

Great, keep us posted, I was rechecking the site yesterday, I already saved  for that training.

Right, so I received my welcome e-mail today. It contains links to the VM & videos, as well as a Lab Guide.

The note from the authors section of the Lab Guide really impressed me. I have not gone into the details of the lab guide yet, but for those who do not read the notes from authors (I do that always), do not miss this one. I can only imagine how the rest of the material will be.

Did you sing up with 60 or 90 days?

Have fun!!

I was initially thinking of signing up for 30 days of labs, but after reading some other posts, I signed up for 60 days.

Thanks

good luck! i guess we won't be seeing you around here much the next 60 days ;)

Enjoy it. I am a little when I am studying because i like to go deep, so in my case I am planning 90 days

I think, if you have the money, the 90 days is well worth it, even if not always necessary.  It's always interesting to spot things you didn't, upon second and third looks at something, and, even after you've exploited a lab box, sometimes, you'll find other ways (or better ways) of accomplishing the same things, as well as being able to try different tools against the lab, to see how the behave, how quickly and accurately they report findings, etc.  It's a good test ground, as well as a training ground.

Good luck, and let us know how you do!

Right now, I'm weighing time and money for OSCE...  I passed the "FC4me" pretty quickly, so if I can scare up some free time and money, I might go ahead and enroll.  But it's rough, as someone else noted in another thread, to balance THAT much time against a family and work.  We'll see...

hayabusa

Dude, it's a blast. You should go for it. I thought it was much harder than OSCP but it was that much more rewarding as well.

Thanks guys.
I wish I could afford the 90 day lab, but unfortunately, not at the moment.

Yeah, I know how it goes with $$.  I did the 60-day, also.  Just a nice option to grab extra lab time, for folks who can afford it, as it's always nice to be able to hack / test on someone else's machines, when you have no prior knowledge of them, rather than setting up known stuff on your own labs.  That said, once you've experienced the OSCP labs, you'll definitely have ideas for pushing your own labs to be more effective, etc.  <evil grin>

Good luck, dbest, and let us know how you're coming along with it.

Work + family + ill health = less time for PWB. :(
Still stuck on Module 1. I know its really easy, but am going through module in the way that is recommended. Read the course PDF, watch the video, do the exercises.

Is it not better watch the video, then read the material and do the practice?

The general recommendation is to read the material, then watch the videos. It also works well for me, coz I watch the videos late in the evening, once I am at home.

Generally speaking, there are times when the video makes much more sense, if you already have some idea of what is being done, based on having read the material, first.

I will try that way, for my certifications I was watching first and read later but I loosed interest when I am reading after the videos

Yeah, sometimes I also look at videos (when doing it by reading first, then watching the videos) as a treat, for having taken the time to read and digest the materials.  They're almost refreshing, sometimes.  You can clear your head, and watch as they put the stuff, you read about, into action.

I think I'd be the same way, and might be a more lazy reader (myself, not saying you are,) if I did the videos first, because I'd always want to be chomping at the bit to try things, rather than fully understand the "how and why."  I think it makes me a better pentester, in that I get the full effect and learn and understand the inner workings of things, rather than just seeing and emulating, and not necessarily understanding, completely.

That's my opinion, anyway, for what it's worth...

I agree with hayabusa. For both OSCP and OSCE I relied on the videos more than the guide. They're such high quality and so easy to follow, I found it the most important supplement to the course. The lab guide also came in very handy but for me it was only when I needed further clarification or detail on a subject.

LOL!  You might have agreed, but it almost sounds like the opposite...   :P

ahahahhaahah
Damn, the old brain totally read something different than what you actually wrote. I better go home now.

LOL, I thought the same ;D

Yeah, that happens, and I have plenty of those days, myself... <evil grin>

Either way, some folks learn differently than others.  Admittedly, there ARE times when watching videos makes some study faster, and I'll default to those.  But for MOST of my security- and pentesting-related stuff, I prefer to read and really understand the underlying stuff, first, then watch and put it into action.

Edit:  And you're correct cd1zz, in that the Offensive Security videos are done so well, you could easily get away with using them, primarily, too...

That's the part that makes my studies very slow: "I prefer to read and really understand the underlying stuff"

Understandably, but I also highly respect you for that.  

Makes a big difference to know that a person really understands the concepts, versus knowing enough to emulate a video, without truly knowing what they're doing.  As many of our previous threads on EH have discussed, knowing how and what a tool is REALLY doing can make a difference, in performance, in stealth, in NOT taking down someone's system while testing, etc.  I've seen my fair share of script kiddies and the like, who watch a video and throw a test against a production system, only to get hammered for causing major disruptions and problems.  While, in some cases, such as sil noted in some threads a while back, these are still 'valid' tests, in that, truthfully, you ARE showing a weakness and a possible end result, there are too many times when covertness and uptime are more important, and your scope and agreements won't allow you to crash systems, etc.

Good luck, and keep studying!

You're assuming that everything you need to know is in that lab guide. That is far from the truth. I used the lab guide as a supplement but outside research and reading came into play more than the guide did. There is no way you can just fake it through the exercises and not understand what you're doing and pass that exam. I think there is an element of the offsec courses that tries to introduce your brain to think creatively. I also think that people walk into the courses at different levels and what works for one, might not work for another.

Don't get me wrong.  I'm not arguing that point, either.  I'm assuming nothing, as I did OSCP, too.  I fully agree that outside research is very prudent, and totally necessary, to pass ANY of Offensive's courses.  Again, different people learn in different ways.

Would I discount someone who worked primarily from the videos, in an interview?  No... As long as they could show me they DO understand the concepts.  You passed OSCP and OSCE, so you're proof positive that it's completely possible to learn it, with emphasis on the videos, and references to the guide.  I'm sure you understand the concepts, too, as lack of understanding, in the courses wouldn't bode well for passing.  In fact, muts is one heck of a speaker, so again, their videos ARE easily followable, and learned from.

But for me, especially in this field, I also know of folks who slid by on video knowledge, and in THEIR (not your) case, I'd be scared as hell to rely on them in a true pentest.

Again, different learning methods for different people.  In the end, it's do what works for you.  Videos / bootcamps / books are only as good as their instructors, and are only as useful as a given student makes them.

@cd1zz - note, too... Lest you think I'm nuts (ok, so I might be...)  Not saying you 'primarily used the videos', as I know better for these courses.  My wording was bad there.  Meant used videos more than the written course lab materials.  But again, your points are completely valid, and I agree.  To each, their own working method to learn

Totally agree (and this time I re-read your post:) What I have come to learn is that even after OSCP and OSCE I realized I am still an infant in the industry. Like it has been said so many other times in other posts, some of best people who do this have no certs and no college degree. However, there is tremendous value in these courses from offsec for regular people like us! I think offsec, similar to college, teaches you how to think more than even teaching you skills to use. I kind of realize what is possible now which in turn drives further accomplishments and learning...

The true understanding about concepts that you're talking about is multifaceted....errr...ok I'm going to stop here. I love good convo like this!

Yup!  That's the best part of the community like EH.  Great conversation, multiple perspectives and personalities...

It's all good!  And I think we agree, with regards to multi-faceted, and differing experiences.  Learning is what YOU / I / another make it.  And learning Offensive's stuff is all the more fun!

Have a great evening!

Well I can only congratulate you for signing up for the massive content (and pain), that you will receive in return  ;D I have been very satisfied with Offensive Security, and all their courses are of a very high quality!  ;)

Don't forget to check out their IRC channel at irc.freenode.org #offsec , in case you're not already there  :)

Thanks MaXe.
I do visit the IRC a few times, however am not a regular there.

Still stuck on the second module, as work + real life keeps getting hectic. Just feel bad that I am wasting so many lab days. One exercise got me stumped and I noticed that it did the same for loads of others, so am kinda content about that.  :P

Comes with the territory (getting stuck, sometimes.)  Just stay with it.

Try some people on IRC, to help you with that exercise, or send me a PM and I'll see if I can help. I've already done CTP and the OSCE exam too  :)

Would like to provide an update to all. I got stuck in the buffer overflow module and didnt progress further. I am gonna work on creating some exploits locally and then continue my lab access. As the wise men said, "Try Harder".

I'm sure you'll be able to solve it sooner or later, don't forget to use the student forums too.  :)

I actually took (er, am taking) a detour here to refresh my C knowledge and learn assembly. I think the material in the course is enough for me to fumble through the examples, but I really want a more in-depth understanding of how this works. They do some of this in the free Metasploit Unleashed course too, so be sure to check that out if you haven't already.

Thanks guys.

Will have to delay this for another 2 weeks, due to real life. But I started enjoying the exploit development videos on securitytube.net.