.

Finally took the plunge, started 08/05/12

<<

DragonGorge

User avatar

Jr. Member
Jr. Member

Posts: 86

Joined: Wed Feb 08, 2012 6:30 pm

Post Mon Aug 27, 2012 12:03 pm

Re: Finally took the plunge, started 08/05/12

Jamie.R wrote:Offensive course always seem to get great reviews I guess that why so many people want to jump in and do them.


At the risk of being branded for heresy, I have to say this...I don't understand the overwhelmingly positive reviews of the OSCP. IMHO, the OSCP training is far from perfect - there is plenty of room for improvement.

I've finished the core modules of the OSCP and am working through the labs at the moment. I would have to say that, instructionally speaking, the quality level could best be described as uneven. There are some excellent modules (BoFs to name one) but there are also some modules that fall short.
<<

shadowzero

User avatar

Full Member
Full Member

Posts: 120

Joined: Sat Jun 02, 2012 10:03 pm

Post Mon Aug 27, 2012 1:41 pm

Re: Finally took the plunge, started 08/05/12

DragonGorge wrote:
Jamie.R wrote:Offensive course always seem to get great reviews I guess that why so many people want to jump in and do them.


At the risk of being branded for heresy, I have to say this...I don't understand the overwhelmingly positive reviews of the OSCP. IMHO, the OSCP training is far from perfect - there is plenty of room for improvement.

I've finished the core modules of the OSCP and am working through the labs at the moment. I would have to say that, instructionally speaking, the quality level could best be described as uneven. There are some excellent modules (BoFs to name one) but there are also some modules that fall short.





Elaborate further please. A negative critique can be just as valuable as positive ones.
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Mon Aug 27, 2012 1:49 pm

Re: Finally took the plunge, started 08/05/12

I'm sure it depends on your frame of reference. If you're an experienced pen tester when you go through OSCP, you'll likely notice issues that others with less experience will not notice.
<<

DragonGorge

User avatar

Jr. Member
Jr. Member

Posts: 86

Joined: Wed Feb 08, 2012 6:30 pm

Post Mon Aug 27, 2012 4:58 pm

Re: Finally took the plunge, started 08/05/12

shadowzero wrote:Elaborate further please. A negative critique can be just as valuable as positive ones.


The manual is far and away my biggest complaint. There are errors in it which detract from the overall polish of the course. Not anywhere near as bad as CEH's but still. Some of the errors were small, like *this* code not matching *that* output. But there were some that were enough to throw me off for an hour or so. I could see how it would be difficult to regularly update the videos, but a PDF? Also, I don't expect them to have the latest BT R# syntax/path/etc in the manual, that'd be ridiculous, but couldn't there at least be some form of errata? My suggestion would be to create a web page where students could submit errata which the offsec folks could then confirm. OSCP students are the best people to review the material.

And while the videos are great, I'm disappointed that they serve to supplement the manual rather than complement it. If I'm trying to look something up, a printed manual is much easier than scanning through multiple video segments.

Instructionally, some modules were great, others, not so much. The BoF module was excellent. Muts stepped through each item in the process methodically. That was followed by an exercise where you could practice this on your XP Client. Conversely, the port forwarding module - critical to the back labs - amounted to "here's some cool things...try out whatever you can on whatever lab machine you think it might work on."

I've learned enough in this class to make my head explode but I can't understand why I see not even a slightly negative review. Maybe it's just me having a low tolerance for errors in manuals. I don't want to come across as completely knocking this class. I'm not. But like I said, there is room for improvement.
<<

jjwinter

User avatar

Jr. Member
Jr. Member

Posts: 80

Joined: Mon Mar 05, 2012 10:33 pm

Post Mon Aug 27, 2012 6:10 pm

Re: Finally took the plunge, started 08/05/12

Thanks for sharing, I am considering the PWB course and its good to hear many views. Oh, and you are sooo branded. ;)
<<

sternone

Full Member
Full Member

Posts: 129

Joined: Tue Aug 07, 2012 1:31 am

Post Mon Aug 27, 2012 6:55 pm

Re: Finally took the plunge, started 08/05/12

DragonGorge wrote:
shadowzero wrote:Elaborate further please. A negative critique can be just as valuable as positive ones.


I've learned enough in this class to make my head explode but I can't understand why I see not even a slightly negative review. Maybe it's just me having a low tolerance for errors in manuals. I don't want to come across as completely knocking this class. I'm not. But like I said, there is room for improvement.


Hey hey hey !! You need to read my post more 9 days ago in my OSCP journey thread when I lost a complete DAY figuring stuff out, that made me really pissed :-)))

:-)

Thing is, I noticed that with OSCP you need to add at least 6 books that you should read before or wile doing this course.

I think we must not forget that OSCP is all about the labs, not so much about the pdf and the videos...
Try harder....hmpf!!
<<

S3curityM0nkey

User avatar

Jr. Member
Jr. Member

Posts: 89

Joined: Mon May 16, 2011 6:47 pm

Post Mon Aug 27, 2012 7:24 pm

Re: Finally took the plunge, started 08/05/12

sternone wrote:
Thing is, I noticed that with OSCP you need to add at least 6 books that you should read before or wile doing this course.



What are the 6 books you are reading?
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Mon Aug 27, 2012 8:26 pm

Re: Finally took the plunge, started 08/05/12

@DragonGorge I can certainly understand your frustration. The reality is though, that in a pen test, lots of things don't work perfectly. An exploit you find might be broken, a PoC might display the wrong output, this stuff happens all the time.

Now, whether or not this was done on purpose by Offsec is up for debate. I think it makes you learn to be very resourceful. This is a key skill to develop because a lot of the time during a pen test you're going to have figure out of new stuff you've never seen before....just like in the OSCP labs. Compare it to boot camp, if they made it all very easy, you'd never be ready for the real deal.

I also think the reason you don't find many negative reviews is that most people review the course when they are done and have passed the exam challenge. Usually they're riding a big time high and they've already forgot about all the minutia that drove them crazy during the journey. Hang in there, I'm sure you'll be one of these people writing a glowing review :)
Last edited by cd1zz on Mon Aug 27, 2012 8:28 pm, edited 1 time in total.
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Tue Aug 28, 2012 2:45 am

Re: Finally took the plunge, started 08/05/12

This has some really good feedback and some great points.

@cd1zz Putting errors in the mateial to make you think that would not surprise me if they done that. And cant agree with you more things dont alway work and you have to deal with that.

I would also like to know the 6 books you think people should read before hand??
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

sternone

Full Member
Full Member

Posts: 129

Joined: Tue Aug 07, 2012 1:31 am

Post Tue Aug 28, 2012 8:08 am

Re: Finally took the plunge, started 08/05/12

It's in my thread about the OSCP

JMP http://www.ethicalhacker.net/component/ ... ic,9115.0/

:-)
Try harder....hmpf!!
<<

azmatt

User avatar

Full Member
Full Member

Posts: 103

Joined: Sun Jul 29, 2012 2:11 pm

Post Tue Aug 28, 2012 10:15 am

Re: Finally took the plunge, started 08/05/12

Telling people "you need to figure this out on your own" is 100% cool.

Giving incorrect information causing some people to lose an entire day is far from cool. Even a very vague errata would be a nice place to check for future students.
GCFA, GCIH, GCIA, GWAPT, CISSP, CEH, GSEC
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Tue Aug 28, 2012 11:19 am

Re: Finally took the plunge, started 08/05/12

They also run an IRC channel, and there's almost always someone that'll respond to legitimate questions / concerns. If you come across an error that you can't correct easily, just go ask a question. There's no need to waste an extended amount of time struggling with it. I don't think erroneous materials are intended to be part of the experience.
The day you stop learning is the day you start becoming obsolete.
<<

YuckTheFankees

User avatar

Sr. Member
Sr. Member

Posts: 332

Joined: Fri Apr 08, 2011 3:07 pm

Post Wed Aug 29, 2012 1:25 pm

Re: Finally took the plunge, started 08/05/12

Update: I have taken a 3-5 day break from the course because I've been researching so much but not making any strides in the lab. It's a little disheartening but I know it's part of the course.

I have currently compromised 6 systems but I have used Metasploit for each one. Over the past week, I have been doing outside research on: buffer overflows, sql injections, what to look for once I'm in the computer, and learning the network topology. There is so much too learn, it's a little overwhelming but still a lot of fun..I'm learning so much everyday.

My goal for the next week is to root my 1st system without using metasploit, that will definitely be a good day  ;D.

After get a taste of the OSCP, I can't wait to finish this course and move onto the OSCE. A man can dream, can't he  :D.
OSCP in progress
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Wed Aug 29, 2012 1:28 pm

Re: Finally took the plunge, started 08/05/12

I am sure if you TRY HARDER you will get there :P
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

satish.lx

User avatar

Newbie
Newbie

Posts: 36

Joined: Thu Jun 17, 2010 1:15 pm

Post Wed Aug 29, 2012 2:51 pm

Re: Finally took the plunge, started 08/05/12

is it possible to root all box in OSCP Lab without metasploit?  or there are some limitation of manually exploit?
PreviousNext

Return to OSCP - Offensive Security Certified Professional

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software