.

How to prepare for PWB?

<<

Chadk

Newbie
Newbie

Posts: 6

Joined: Sun Aug 14, 2011 6:45 am

Post Wed Nov 09, 2011 5:43 am

How to prepare for PWB?

Hey,

In January I'll be doing PWB. Until then, I have 2 months(including my Christmas vacation) to basically do studying ahead of doing PWB.

What books should I be reading over the next months to prepare myself for PWB, and make my life less of a hell once I do it? Anything I should be doing?

Any advice is most welcome!

Thanks in advance.
<<

n3r

User avatar

Jr. Member
Jr. Member

Posts: 95

Joined: Wed Sep 28, 2011 1:06 am

Location: paris

Post Wed Nov 09, 2011 5:50 am

Re: How to prepare for PWB?

The more you 'll learn before the more you'll be prepared  ;D
<<

Chadk

Newbie
Newbie

Posts: 6

Joined: Sun Aug 14, 2011 6:45 am

Post Wed Nov 09, 2011 6:23 am

Re: How to prepare for PWB?

n3r wrote:The more you 'll learn before the more you'll be prepared  ;D

That's not helpful. I can read all the books in the world, but if I don't read things that's actually gonna help me over the next 2 months, then it's not worth it.

So what books should I read over the next 2 months? Or other activity that will teach me stuff, that would make PWB a bit easier?
<<

TheXero

User avatar

Full Member
Full Member

Posts: 112

Joined: Tue Dec 07, 2010 12:24 pm

Post Wed Nov 09, 2011 6:31 am

Re: How to prepare for PWB?

Last January I decided I was going to start PWB roughly in April (this year) so I decided to try and get some experience in developing exploits to try and get me up to speed before starting the course.

When I started the course in April, I realised that I'd already done probably about 80% of the course material on my own for several years and felt that I was at an advantage on the course material, but the lab time is really where the course pays for itself.

With the exploit development module, try to make sure that you know before hand about the CPU registers on the x86 architecture before you start the course and even try developing some exploits.

If you need some help with this I am happy to assist or alternatively you can view the video and write-up hosted on my website at http://www.thexero.co.uk/exploit-development/ or on SecurityTube.net here http://www.securitytube.net/video/2377

Good luck with pwb ;)

Regards,
TheXero
<<

Chadk

Newbie
Newbie

Posts: 6

Joined: Sun Aug 14, 2011 6:45 am

Post Wed Nov 09, 2011 7:18 am

Re: How to prepare for PWB?

I already went through the first couple of exploit development guides at corelan, and have exploited a number of targets(Including freefloat). So I'm pretty up to speed on buffer overflows(No SEH/Stack cookie exploiting so far though) :)
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Wed Nov 09, 2011 8:12 am

Re: How to prepare for PWB?

Exploit development is just a tiny part of PWB. OSCE on the other hand is 90% exploit dev.

There really isn't too much you can do do prepare yourself for the lab, but I would definitely familiarize yourself with the syllabus http://www.offensive-security.com/docum ... ktrack.pdf

You'll get ideas on the content of the course there and possibly begin researching based on that.
<<

TheXero

User avatar

Full Member
Full Member

Posts: 112

Joined: Tue Dec 07, 2010 12:24 pm

Post Wed Nov 09, 2011 8:35 am

Re: How to prepare for PWB?

A point I forgot to mention, have you ever looked at the De-ICE.net pentest live cd's before?

Hopefully they will help you on your way to getting the correct mindset, but also have a look at some methodologies as well such as the OSSTMM or ISSAF.  They are pretty boring to read, but they will make sure you don't miss anything during a pentest.

Regards,
TheXero
<<

Darktaurus

User avatar

Full Member
Full Member

Posts: 181

Joined: Thu Sep 03, 2009 8:48 am

Post Wed Nov 09, 2011 9:03 am

Re: How to prepare for PWB?

cd1zz wrote:Exploit development is just a tiny part of PWB. OSCE on the other hand is 90% exploit dev.

There really isn't too much you can do do prepare yourself for the lab, but I would definitely familiarize yourself with the syllabus http://www.offensive-security.com/docum ... ktrack.pdf

You'll get ideas on the content of the course there and possibly begin researching based on that.


I would agree 100%.  Just be ready to learn everything they teach you and more.  The only thing you can do to prepare is open up Backtrack and take a look at every tool that is there.  Get familiar with most of the tools and look over the PDF.  Also, figure out the best way for you to take notes.  I never knew how important the note taking process would be in a pentest till I took that course.  Lastly, prepare the family. You might be missing sleep some nights. :) My 2 cents.  Oh yeah, and have fun!
OSCE, OSCP, OSWP, CISSP, GPEN

www.agoonie.com
<<

th3d0ct0r

User avatar

Newbie
Newbie

Posts: 2

Joined: Wed Feb 08, 2012 1:35 pm

Post Wed Feb 08, 2012 1:41 pm

Re: How to prepare for PWB?

Hey I am kinda new to Info Sec. I wanted to know if I might be good to start the OSCP course. I have strong knowledge of tcp/ip, my linux skills are still at a beginner level but not to bad. I have been playing around with Backtrack and metasploit intensely for about a year now. What do you guys think should I be ok?
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Feb 08, 2012 2:15 pm

Re: How to prepare for PWB?

th3d0ct0r wrote:Hey I am kinda new to Info Sec. I wanted to know if I might be good to start the OSCP course. I have strong knowledge of tcp/ip, my linux skills are still at a beginner level but not to bad. I have been playing around with Backtrack and metasploit intensely for about a year now. What do you guys think should I be ok?


You might want to beef up your Linux skills and learn a bit of Python first. You can always purchase more lab time if you feel like you need it, and you can schedule the test whenever you're ready. There's really no harm in starting the course when you feel like you're close to being where you need to be, even if you may not be prepared for everything.
The day you stop learning is the day you start becoming obsolete.
<<

th3d0ct0r

User avatar

Newbie
Newbie

Posts: 2

Joined: Wed Feb 08, 2012 1:35 pm

Post Wed Feb 08, 2012 7:35 pm

Re: How to prepare for PWB?

Thanks dynamik. I will study up on Python and start beating myself to work on my linux skills.  ;D
<<

eterjack

Newbie
Newbie

Posts: 2

Joined: Thu Feb 09, 2012 6:56 pm

Post Mon Feb 13, 2012 6:39 am

Re: How to prepare for PWB?

Hello,

It is possible make the lab and exam with virtual machine backtrack ? Or you guys recommend to install backtrack on the same physical PC.

Which book would you recommend for reading before the OSCP training?
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Mon Feb 13, 2012 9:18 am

Re: How to prepare for PWB?

VM is fine for the BT box. If possible, try to use a host that can give at least 1gb of ram to your BT box.

As far as books go, I wouldnt worry about it since the material you'll be covering, will cover specific sections out of like 5 books. Brush up on your scripting/bash skills,
<<

pharmerjoe

Newbie
Newbie

Posts: 14

Joined: Sun Jan 29, 2012 1:45 pm

Post Fri Feb 17, 2012 2:56 pm

Re: How to prepare for PWB?

Would it be enough to just learn from whatever course material Offensive Security give you? Or is a lot of outside reading required? (aside from programming skills)
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Fri Feb 17, 2012 3:12 pm

Re: How to prepare for PWB?

You can ALMOST survive on what they give you, but you WILL need to do outside research on some things, in order to 'pop' some of the targets, both in the lab, and in the exam.  That said, though, they give you enough info to pretty much guide you where to FIND what you need, in the wild.

But one thing that makes it very realistic training, is that just like in a real-world pentest, you will run into things you don't know, and have to do some research on your own.  That's one BIG reason I like the way Offensive Security puts their stuff together.  It prepares you, not only to pass a certification exam, but for what to expect, in the real world.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH

Return to OSCP - Offensive Security Certified Professional

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software