[Article]-Final Course and Exam Review: Pen Testing with BackTrack

    • #4733
      Don Donzal
      Keymaster

      OffSec’s PWB gets a lot of chatter on this site, so I’m glad we’ve been able to bring you this insider’s look. I’m proud to be able to bring you this final installment which not only brings you an overview of the entire course but also dives into the exam process.

      And since he was too modest to put it into his review, I’m going to give him the praise he deserves. Our very own Ryan Linn got a perfect score on the OSCP exam!! Mati Aharoni of OffSec now has a personal challenge out to Ryan to take CTP, Cracking the Perimeter, a course they describe as, “The most hardcore and intense penetration testing class you will ever take.”

      So the gauntlet has been thrown down. I don’t know about you, but I’ll take off my Editor hat and simply say that as a fan, that’s a review I’d want to read.

      So Ryan… can you hack it?!?!

      Permanent link: [Article]-Final Course & Exam Review: Pen Testing with BackTrack


      Ryan Linn continues his insider’s look at Offensive Security’s online training course, ‘Pentesting with BackTrack.’ In Parts 1 – 4, he presented the reader with details of the training as he did it. Now in this final review (Part 5), he compiles his thoughts on the course in its entirety and then gives you an extended look at the process of preparing and taking the Offensive Security Certified Professional (OSCP) exam.  PWB is described by Offensive Security as, “An online course designed for network administrators and security professionals who need to get acquainted with the world of offensive security. This penetration testing course introduces the latest hacking tools and techniques, and includes remote live labs for exercising the material presented to the students. This course gives a solid understanding of the penetration testing process, and is equally important for those wanting to either defend or attack their network. The course can be taken from your home, as long as you have a modern computer with high speed internet.”

      Visit Ryan Linn’s Column Page for Parts 1 – 4 as well as several other contributions to The Ethical Hacker Network and our community of security professionals.

      Don

    • #29542
      Jhaddix
      Participant

      Way to go Ryan! Nice write-ups and great score!

    • #29543
      hayabusa
      Participant

      Hats off to you, Ryan!  Awesome job, and the articles have been a great read!  Looking forward to scheduling myself in for v3, shortly.

    • #29544
      Ketchup
      Participant

      Wow, that’s impressive Ryan!  Great work, and great articles.

    • #29545
      rattis
      Participant

      Very impressive Ryan, way to go. Wonder if you can do it again.

    • #29546
      j0rDy
      Participant

      congratulations Ryan! way to go on the perfect score!

      i have read your articles with great pleasure! however, i got a question: depending on your pre-knowledge, how do you compare the CEH certificate to the OSCP regarding to difficulty? and how does this align with GPEN?

    • #29547
      zeroflaw
      Participant

      Congrats Ryan! Interesting article. PWB seems well worth the time.

      Installing BackTrack 4 now  8)

      So can anyone with an internet connection take this course? And get the certificate if you pass the exam?

    • #29548
      impelse
      Participant

      Good article

    • #29549
      apollo
      Participant

      @j0rDy wrote:

      i have read your articles with great pleasure! however, i got a question: depending on your pre-knowledge, how do you compare the CEH certificate to the OSCP regarding to difficulty? and how does this align with GPEN?

      Excellent question.  I have updated my signature with my list of certifications, but unfortunately I don’t have CEH.  I have only formulated thoughts based on what I know from other people and from reading the curriculum and browsing through the course materials. 

      The CEH appears to be a mile wide and inch deep in some places, and a foot deep in others.  You will get a lot of exposure to the whole world of security, but very little of it will be deep enough on its own.  If you are brand new to computer security, then this course should give you a crash course in the things that you will need to know along the way.  My personal view on the course, having never taken it and only talked to others, is that this is the course that should tell you how much you don’t know.  That is very valuable in that it’s hard to figure out where to go until you know what information you don’t know yet. 

      The GCIH is a good starting point in my opinion.  This course is really 1/2 incident response, 1/2 pen testing.  The two are linked in my mind in that unless you really understand what is going on, it’s hard to figure out what happened.  This course also provides a good Linux intro which will prove positive for any of the next courses you take.  Netcat, Nmap, Metasploit, and other tools are covered sufficiently that you should be able to go home and start exploring.  I already knew some coming into this class, but after this course I understood Nmap and Metasploit much better and started writing Nmap NSE scripts right after I left the course.

      From here, there are 3 ways that you can go, and they each have separate benefits.  There are more than these 3 certs, but these are the ones I have so I feel like I can speak more authoritatively on them.

      The GPEN starts off with the business side of pen testing and making sure you don’t find yourself in trouble along the way.  The CEH covers some of the legal things as well, so the legal part isn’t unique, but I think that this course does an excellent job of laying out things like scoping, requirements, business purpose and other things that are real world problems but people coming in may not think about as much.  This course goes a lot deeper into each of the different penetration testing stages and focuses on the goal of each stage and provides tools, thoughts, and some Ed Skoudis ninja skills along the way.  You should walk out of this course with a better understanding of how to think about a pen test from a business standpoint, what types of recon you need to do, how to perform them, and a better understanding of many pen testing tools.  After this course, I went and wrote Metasploit modules and did some other fun things with Metasploit.  There is a final day capture the flag with good challenges for everyone and exposure to many technologies.

      The GWAPT is the Web Application Pen Testing certification.  Many things are moving in the direction of the web and this course by Kevin Johnson of Inguardians addresses this new trend.  You should read my review of this course to find out more, but overall, if you want to get stronger in web stuff, this is the class.

      The PWB/OSCP takes a different point of view.  It doesn’t cover a lot of the business stuff, but instead takes the skill portion and really expands on it.  It’s less formal than the SANS or EC-Council classes, but if you do well on the exam then I would think that’s a good indication that you have skills that can be directly applied to network penetration testing.  It really focuses on, here are the steps, here are the tools, here is how you use the tools, and here is what you do with the output.  If you don’t get those concepts by the end of the course, you will probably not do well on the final test.  The other area where this course concentrates on where the others really don’t as much is explaining the how/what/why of exploit development.  This isn’t something that most people will use in penetration tests.  The time when this is useful, and will really set someone apart is for some exploits you may have a working exploit that isn’t written for your target platform, for instance Windows XP Home instead of Pro and you need to have it run on Pro, you should have the basic knowledge to know what you are looking for in order to make the changes to have it work.  You will probably even be able to do basic buffer overflow exploits without much problem, but you won’t be able to do more of the advanced exploits.

      Again, these are the certs/classes I’ve taken, so I can speak only to them.  Hopefully at this point you know what you will get out of each one.  I will say this, I learned a lot in each of these courses. 

      I’m looking forward to taking the Cracking The Perimeter class.  My understanding is that the beginning of the next review may start off with “I have been defeated”.  The informality of the PWB class made it incredible fun, and even though it was somewhat stressful, the OSCP was the most fun exam I have ever taken.  Most places you get multiple choice, with OSCP, there is no multiple choice, you either get it, or you have to try harder. 

    • #29550
      UNIX
      Participant

      Great write-up and congratulations on passing. Nice comparison as well. Keep it up. 😉

      @zeroflaw wrote:

      So can anyone with an internet connection take this course? And get the certificate if you pass the exam?

      Yes. 😉

    • #29551
      MicroJay
      Participant

      Excellent job and well written!  🙂
      Congrats!

    • #29552
      zeroflaw
      Participant

      @awesec wrote:

      @zeroflaw wrote:

      So can anyone with an internet connection take this course? And get the certificate if you pass the exam?

      Yes. 😉

      Sweet! I better start saving some money then ;D

    • #29553
      j0rDy
      Participant

      @ zeroflaw: break open that piggybank!

      @ Ryan:

      thanks for explaining the differences between the certificates. i must say according to my experience you’re right about CEH, however it does cover some things like snort, so it isn’t completely 100% offensive. i think CEH and GCIH will be pretty close information wise.

      i really like the part you wrote about where to go next after CEH/GCIH. i believe web application will be hot in the next few years. the focus will be shifted from network/os to (web)application. maybe this is the best step after getting your basics.

      you wrote you had prior knowledge about writing scripts for nmap and metasploit, and writing simple buffer overflows. how did this help in studying for OSCP? i’m trying to get a feel how technical you have to go for this cert. i have little knowledge of programming but understand the concepts of writing for example buffer overflows. i’m afraid my lack of (good) programming skills will slow me down during the training. what do you think?

      last but not least: good luck with the CTP cert, although i think you will do just fine  😉


Copyright ©2021 Caendra, Inc.
