|
EH-Net
|
|
May 24, 2013, 12:08:54 AM
91
|
Ethical Hacking Discussions and Related Certifications / OSCP - Offensive Security Certified Professional / Re: I passed OSCP !!
|
on: February 05, 2013, 10:14:57 AM
|
Thanks everyone!!! Something that's funny: Since I knew exactly this time what I was getting myself into, I was so prepared mentally that I don't feel especially tired or exhausted (I mean, after two good nights of sleep). I already started reading "The Shellcoder's Handbook" yesterday. I am starting to study for OSCE tonight (first pass watching the videos). BTW, I also stopped working on OSCE two years ago because after CISSP, I was totally brain dead. I --HATED-- studying for this exam!! I almost burned myself out. I ended up taking almost a full year off after CISSP... But I am back now! Anyone working on OSCE right now?
|
|
|
|
|
93
|
Resources / Tutorials / Re: introduce me exploitation books
|
on: February 04, 2013, 04:49:20 PM
|
But don't despair Cyber.spirit, you really don't need to be an assembly guru in order to write exploits. I would say you only need limited knowledge to get you started. Start with http://www.securitytube.net/groups?operation=view&groupId=6 then http://www.securitytube.net/groups?operation=view&groupId=5 and you will know more than what you need to write exploits. What you really need is to understand how operating systems work, and learning a bit of assembly will help you a lot in understanding the registries, the stack, etc. And again, you really don't need to be good at assembly. Just write a few programs and you will be fine. For the rest, C, Python, Ruby, Perl, etc. are, like ajohnson said, only there to help you deliver your shellcode. Good luck and post your questions!
|
|
|
|
|
94
|
Ethical Hacking Discussions and Related Certifications / OSCP - Offensive Security Certified Professional / I passed OSCP !!
|
on: February 04, 2013, 04:40:12 PM
|
Hi everyone, I just got the email that I FINALLY passed the OSCP exam. For those who have been members of this forum for a while, you may remember that I tried very, very hard 2 years ago, getting 60% twice! (see http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,6315.0/). I ended up doing GPEN, CISSP and GWAPT before giving OSCP another try. But this time, I was better prepared and it showed in the exam. Before someone asks me the question, next certs: OSCE (which I started 2 years ago, but without trying the exam) and maybe CCNA (I want to get better with networks). So at last, I did it!!
|
|
|
|
|
100
|
Resources / Tools / Re: BackTrack Reborn - Kali Linux
|
on: January 30, 2013, 09:11:30 PM
|
I just asked the Offensive Security team about their AWAE and AWE courses and here is their response: So, AWAE will eventually be available online. We will probably have to wait a long time for AWE...
|
|
|
|
|
101
|
Resources / Tools / Re: BackTrack Reborn - Kali Linux
|
on: January 30, 2013, 08:52:25 PM
|
I just thought it was funny, and I'm pretty sure he wasn't being serious either. We've met in person before, and I don't think he's in any way intimidated by me or afraid to speak his mind. As always, ajohnson is right!
|
|
|
|
|
102
|
Resources / Tools / Re: BackTrack Reborn - Kali Linux
|
on: January 30, 2013, 02:23:38 PM
|
C-c-c-combo breaker! First time I hear about this. I won't do this again, promise! I think we all realize that PWB's their bread and butter, but they should seriously try harder at making AWAE available. Yes, I totally agree if you see it this way! They pissed me off big time with their Try Harder thing, so you know what? +6
|
|
|
|
|
103
|
Resources / Tools / Re: BackTrack Reborn - Kali Linux
|
on: January 30, 2013, 10:39:01 AM
|
|
Although I agree with all of you, we were able to have a quality PWB course and a very good linux distro because they have spent some time in the past building and fixing them.
They probably make 90% of their profit with the PWB course, so we can't blame them for updating it every 3 years or so...
So yes, me too I can't wait to get AWAE, but we have to understand their position too...
|
|
|
|
|
104
|
Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: Pen Test Scalability
|
on: January 29, 2013, 09:26:31 AM
|
Pentesting 3000 hosts in detail is way too much, even for a team. Since time is money and the ultimate goal of a pentest is to make your organization more secure, you have to target specific hosts and go from there. For example, take a few representative workstations, find the vulnerabilities, fix all 2000 workstations (if required), then try again to confirm things are better now. Also, scan for specific services (like port 80 and 443 for web servers) that shouldn't be open on workstations. You can also check network traffic for odd things and go from there. For the servers, again go after typical basic installations, start with the ones containing sensitive data or those exposed to the internet, etc. You want to make sure that the critical servers are secured first, then move to less critical ones. You will also find that if a server has a vulnerability, chances are that other servers have the same problem and training is required. So I could go on and on about this, but there is no way you can spend, let's say, half a day on each host. Because after 1500 days of work (with about only 220 working days in the year, assuming you work alone), the first host you would have scanned 6 years ago would probably be vulnerable by now... So you have to be smart about it...
|
|
|
|
|