Lubinski wrote:I see a course from elearnsecurity but It does not look as good or come as highly recommended.
This is like the saying "opinions are like..." Here are a few things I'd like to throw out to you - for you to ponder.... Certification ... Learning... Which do you prefer?Certification
- overrated at times especially when one is seeking to "dump" - I need to pass this class!!!. You're likely to retain little and not learn at the end of the day.Learning
- always in fashion
There is no "wrong
" course to learn from. I haven't taken eLearnSecurity's course because I don't need it - and I'm not saying this to be arrogant. I'd actually LOVE to take it for the sake of learning something
, but at the end of the day, it doesn't benefit me so I choose to focus my money and time elsewhere. I would STILL learn from it I'm sure though. There are plenty of people here who have taken it and liked it alot. There were some who didn't.
As for the OSCP, you state you have little Linux experience (based off your statement: I'm not a huge Linux person atm but I have been working more and more with Backtrack lately.
) so my perception/interpretation is, you will find the OSCP difficult and likely fail the first, second and perhaps the third time around. You WILL LEARN doing the OSCP but it might be akin to jumping into trigonometry without understanding basic algebra.
Back in 06/07 I started a "Pentesting 101" write up (http://infiltrated.net/pentesting101.html
) where I laid down what I felt was a STRONG 52 week step-by-step to become a decent/well rounded pentester. It includes understanding the entire gamut of operating systems, networking, applications, etc.. There will NEVER be an "all inclusive" course to become a "ninja pentester" as there are too many variables (web applications, presentation layers, covert channels(networking), etc.) the key to it all is understanding as much as possible.
E.g., when I did my RWSP, I was completely on all their machines and was completely stumped on MSSQL syntaxing. Guess what? I come from a Linux/BSD/Solaris world. Postgres (check), MySQL (check), Oracle (check)... MSSQL? Nah, not my cup of tea. Had I taken the time for a refresher, I'd of not wasted time - in the end, I ran out of time. Anyhow, because of what you mention (minor *nix) experience, I suggest you start with ELearnSecurity, get comfortable with it, then aim for the OSCP only AFTER you're extremely comfortable with not only Linux, but a variety of topics.