Phillip Wylie

Forum Replies Created

Viewing 15 posts - 1 through 15 (of 102 total)
  • Author
    Posts
  • #53766
     Phillip Wylie 
    Participant

    I am currently taking the course and I am enjoying it. I was assigned an mobile app to pentest at work and this course has helped me a lot.

  • #53677
     Phillip Wylie 
    Participant

    Cool site, thanks for sharing!

  • #53510
     Phillip Wylie 
    Participant

    I look forward to the launch and learning more about the course.

  • #53402
     Phillip Wylie 
    Participant

    Congrats!

  • #53373
     Phillip Wylie 
    Participant

    Congrats!

  • #53333
     Phillip Wylie 
    Participant

    They might cover the material, but an important part of preparing for the OSCP is the practice you get from the lab. You still have to sign up for the Pentesting With BackTrack course to take the exam, which would give you 30 days of lab time.

  • #53259
     Phillip Wylie 
    Participant

    Congrats, David!

  • #53051
     Phillip Wylie 
    Participant

    @batz21 wrote:

    Not Good at all… πŸ™

    Seems I don’t have the proper foundation for the OSCP. Still struggling and learning the stuff. My Count is only 3 and I am 15 days into the lab.

    Lets see how things advance…

    regards
    batz21

    You just need experience and the labs will give you that. Enumeration is key and the more the better. Some helpful tools for systems in the lab running web servers and web based apps are;

    Nikto (web vulnerability scanner) – This helped me a lot. Nikto works well at finding vulnerabilities.

    Dirbuster (web crawler) – This is a great tool for discovering files and directories.

    Burp Suite (web proxy) – Burp is an awesome tool. You can crawl/spider like in Dirbuster, but you can modify http requests and send them to the web server, as well as a lot of other things. You can brute force html forms.

    HTTPrint – This tool is good for fingerprinting the web server. This is good to double check nmap results.

  • #53229
     Phillip Wylie 
    Participant

    You have a good plan for your pentesting training and once you are finished with the eLearnSecurity courses, you should be ready for Offsec’s PWB course.

  • #53208
     Phillip Wylie 
    Participant

    Welcome, Justin! Good to see you here. You will get a lot more out of this forum. There are some sharp people that are good to learn from.

  • #53093
     Phillip Wylie 
    Participant

    @the_hutch wrote:

    I feel like I’ve seen this discussion elsewhere, lol.

    Deja vu! LOL!

  • #53187
     Phillip Wylie 
    Participant

    I also like Evernote for keeping general notes, but I also don’t use it for client info during pentests.

    I used Keepnote during the OSCP course and it did work well, so it would be a good solution for stuff you don’t want in the cloud. But with stuff like general notes that you don’t mind storing in the cloud Evernote is a better choice in my opinion. You can access it with a smartphone, PC or Mac.

  • #53182
     Phillip Wylie 
    Participant

    I think a good way to explain whether somebody could be an ethical hacker/pentester, is to compare it to other areas of IT. You have varying levels of technical skills. You have the people that everyone goes to, that always have the answers, and the people that have a hard time getting it, then you have various levels between the gurus and the technically challenged. I have seen some people that just didn’t have what it took to excel in IT and the help desk would be the best they could hope for. I think most people fall somewhere in the middle. I myself don’t fall into the guru category, but I have done OK. Over the years I have spent a lot of time learning new things outside of work. I started my IT career as a system engineer doing server support. I taught myself Linux right around the time I got into IT and now that skill is paying off now in my current roll as an ethical hacker/pentester. I taught myself web design and I took a couple hacking courses over the years. Those skills have helped me in my career. I think anyone can do it, but the level they achieve depends on how much work they are willing to put in. There are a lot of skills needed to be an ethical hacker and starting in other areas of IT will help you gain the skills needed to be an ethical hacker. Having an analytical mind and being a good problem solver are helpful. Those can be gained from other areas of IT. It all depends on how hard a person is will to work, that determines the level they will achieve. The really smart and talented people will get there faster, but anyone willing to put in the work and the effort can do it at some level. Once you have the prerequisite skill, a course like Pentesting With BackTrack (OSCP) will help you develop a hacker’s mindset.

  • #53091
     Phillip Wylie 
    Participant

    @zeebee wrote:

    Congratulations rockman!
    Your experience (and that you shared it with the community) is of extreme value for someone like me who is pursuing the second attempt at OSCP πŸ™‚

    -zeebee

    Thanks, zeebee! I am glad you got some value from my experience.

  • #53159
     Phillip Wylie 
    Participant

    Great review! I am currently taking the eLearnSecurity Web App Pen Testing course and I am enjoying it. It’s a very good course and I highly recommend it.

Viewing 15 posts - 1 through 15 (of 102 total)

Copyright Β©2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?