Most of you will remember that I wrote a post not so long ago that was called "Why I FAILED OSCP" http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,6315.msg33820/topicseen,1/
But here is a better one: How I PASSED GPEN!!!
It's gonna be quite short: I studied OSCP like crazy then I registered for the GIAC Certified Penetration Tester exam. I tried the first practice exam (it comes with two, like all GIAC exams) just to see where I was. I got 79% without studying! So I went on and read about US, Canadian and UK laws, look at the most popular hacking tools in Windows (Cain and the others), tried a few "pass the hash" attacks. Two weeks after, I wrote the exam and got 89% !!!
Ok, I am not braging right now. I was just astonished that by doing the OSCP course, I would be ready for GPEN in less than 3 weeks with minimal study. And the GPEN exam was in no way easy, but when you have manually done multiple times 85% of the content of GPEN, you are off for a good start!!
So I am happy because I know I am not a complete waste!! But I am also happy that I didn't have to pay almost $5000 for the SANS course to get ready for GPEN. Although I would have love to take it, my budget is happy I didn't...
So the next one will be CISSP, just to help me get contracts and learn more about "the other stuff" that we, pen testers, don't have to deal with everyday. I will tackle OSCP again next year...