I suggest learning to hack without metasploit. You're allowed to use it in the labs, so when you pwn something with metasploit, figure out how to do it without metasploit. You can even look at the exploit module itself in metasploit to see how it's doing it, and maybe you can adapt it to a single script.

Question:

I'm finally getting some books tomorrow, which one should I read first ? Thanks for the advise!!

Tomorrow Friday I get :
1. The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
Dafydd Stuttard, Marcus Pinto
2. Metasploit: The Penetration Tester's Guide
David Kennedy, et al
3. Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems
Chris Sanders
4. Assembly Language Step-by-Step: Programming with Linux
Jeff Duntemann


On Monday I get:
5. The Shellcoder's Handbook: Discovering and Exploiting Security Holes
6. Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
7. Professional Assembly Language (Programmer to Programmer)
Richard Blum

THANKS !!!

PS: I'm probably finishing up the pdf of OSCP in a few days.

For OSCP I would adopt the following order:
6: Look for the parts you don;t know or can save you time/automation/scripting or parsing
2: but only sections on payload creation, shellcode, meterpreter
4: read assembly ouput near fluent
5: focus on stack overflows both in Linux and Windows. Learn the specific tools on both OS'es

Save 3, 1 and 7 for after OSCP as I think it might go to deep and you will not be able to master this in depth in time for the exam.

I am actually doing something similar but before I sign up as to save my lab time. Good luck!

@ Cyberspirit: this is how I tend to study. I try to be able to do most attacks without using any tools. Purely by scripting, abusing the shell and making use of available cmd's/tools native to the OS or API's. If this gets me stuck I use an automated tool and see if it can complete the attack. If it does I tear apart their logic until I can do it by hand myself. This cost a tremendous amount of time but allows me to perform even when tools are blocked.

The materials from Open Security Training might also help to better understand some of the exploit development basics.

Just got another one. Ok, I have the 3 most easy servers of the 50.

:-( That leaves me with 47 hard ones 

Great read to OP.  I'm on day 25 and wish I was alot further ahead then where I am.  I've gotten into 3 machines in the last 2 days with many more to go.

Great course so far, just hope I have enough lab time left to get through everything.  (bought the 90day package).

I understand what you're saying, to an extent. It's important to learn the fundamentals, so you're not just flailing about, but you're never going to be in a pen test where everything's routine and transparent. You're going to find custom applications, security controls you haven't encountered before, admins paying attention to the network for the first time in a year and changing things as you're trying to work, etc. Being able to adapt and think critically are enormous pieces of the puzzle, maybe even more so than preexisting knowledge. You can't acquire those skills by reading.

Taking weeks off of a limited amount of lab time seems like a waste to me. Just dive in and experiment, even if you're only working on the 5-10 pages of the lab guide you read that day. That's what the environment is there for; you can easily revert a mistake.