Abstract image of a woman sitting on books and studying on a laptop

My pwk & oscp journey

M.Syarifudin, ST, OSCP, OSWP , profile picture
M.Syarifudin, ST, OSCP, OSWP

This document outlines the author's journey to obtain the OSCP (Offensive Security Certified Professional) certification. It discusses completing the PWK (Penetration Testing with Kali Linux) training course, which includes learning materials, lab exercises, and penetration testing internal labs and exam servers. The author emphasizes focusing on each step, never giving up, and finishing the internal labs and exercises before taking the exam. The certification process involves penetration testing targets in the exam environment within a 24-hour period to achieve a minimum of 70 points.

Education
1 of 14
Downloaded 173 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
PWK & OSCP JOURNEY OF MINE Created by : Syarif | @fl3xu5 August 27, 2015 1
What’s That ? ★ About PWK & OSCP ★ The Online Training Workflow ★ My Journey to Obtain the OSCP ★ Lesson learned / Tips 2
About PWK & OSCP • PWK ( Penetration Testing with Kali Linux) is a Penetration Testing Course created by Offensive Security • OSCP ( Offensive Security Certified Professional ) is The Certification for PWK • More information : • https://www.offensive-security.com/information-security- training/penetration-testing-training-kali-linux/ • https://www.offensive-security.com/information-security- certifications/oscp-offensive-security-certified-professional/ • https://www.offensive-security.com/faq/ 3
The Online Training Workflow Register & Download PWK Materials Connect to the Offsec Labs The OSCP Certification 4
My PWK & OSCP Journey Learning the PWK Materials 5 Doing the Lab Exercises Writing the PWK Report Penetration Testing the Exam Servers Penetration Testing the Internal Labs
Learning the PWK Materials • PWK Materials Contain of : • 149 PWK Videos • 350 Pages of PWK .pdf Guide • Learn the Materials ( Videos .pdf ) • Practice them ( Hands-on ) • Write a “Study Notes” on the Keepnote 6
Doing the Lab Exercises • Do all of the Lab Exercises Correctly • Write the Results on the Keepnote 7
Penetration Testing the Internal Labs • Offensive Security Team will give : • A Lab Connectivity Guide + a VPN Credential • Kali Linux VM Image • PWK Report Template • Connect to the Labs through VPN • Use that VM to Pentest the Internal Lab • ONLY for Penetration Testing • Don’t Update the Metasploit / others Software 8
Penetration Testing the Internal Labs • Hack all of the Target Machines • Write the Walkthrough Completely • Take the Screenshot and Grab the Proof files • Write the Pentest Report on the Keepnote 9
Penetration Testing the Exam Servers • About the Challenge ( Exam ) : • 24 Hours Exam Time • Minimum 70 Points Total to Pass • Submit “PWK Report” within Next 24 Hours • Read the Exam Guide Carefully 10
Penetration Testing the Exam Servers • Connect to the OSCP Exam Lab through VPN • Hack the Target machines with the Highest Points first • Write the Walkthrough Completely • Take the Screenshot and Grab the Proof files • Write the Pentest Report on the Keepnote 11
Writing the PWK Report • Compiling the Report ( Keepnote PWK Report ) • The PWK Report contains of : • All of the Lab Exercises • Internal Lab Pentest Report • Exam Pentest Report 12
Lesson Learned & Tips • Always Praying to the God • Focus on Each Steps of the Journey • Keep Calm & Never Give Up • Use Offensive Security Motto : “Try Harder” • Finish the Internal Labs & the Lab Exercises Report before Taking the Exam 13
References : • https://www.offensive-security.com/information- security-training/penetration-testing-training-kali-linux/ • https://www.offensive-security.com/information- security-certifications/oscp-offensive-security- certified-professional/ • https://www.offensive-security.com/faq/ • https://www.offensive-security.com/offsec/say-try- harder/

More Related Content

PDF
Oscp preparation
Manich Koomsusi
 
PPTX
Oscp - Journey
Vandana Verma
 
ODP
Automating OWASP ZAP - DevCSecCon talk
Simon Bennetts
 
ODP
2014 ZAP Workshop 2: Contexts and Fuzzing
Simon Bennetts
 
PDF
When the internet bleeded : RootConf 2014
Anant Shrivastava
 
PDF
Intro to DefectDojo at OWASP Switzerland
Matt Tesauro
 
ODP
OWASP WTE - Now in the Cloud!
Matt Tesauro
 
PPTX
The OWASP Zed Attack Proxy
Aditya Gupta
 
Oscp preparation
Manich Koomsusi
 
Oscp - Journey
Vandana Verma
 
Automating OWASP ZAP - DevCSecCon talk
Simon Bennetts
 
2014 ZAP Workshop 2: Contexts and Fuzzing
Simon Bennetts
 
When the internet bleeded : RootConf 2014
Anant Shrivastava
 
Intro to DefectDojo at OWASP Switzerland
Matt Tesauro
 
OWASP WTE - Now in the Cloud!
Matt Tesauro
 
The OWASP Zed Attack Proxy
Aditya Gupta
 

What's hot (20)

ODP
2014 ZAP Workshop 1: Getting Started
Simon Bennetts
 
ODP
BSides Manchester 2014 ZAP Advanced Features
Simon Bennetts
 
PPTX
Zap vs burp
Tomasz Fajks
 
ODP
OWASP 2015 AppSec EU ZAP 2.4.0 and beyond..
Simon Bennetts
 
ODP
OWASP 2013 APPSEC USA Talk - OWASP ZAP
Simon Bennetts
 
PDF
Automated Security Testing
seleniumconf
 
ODP
JavaOne 2014 Security Testing for Developers using OWASP ZAP
Simon Bennetts
 
ODP
BlackHat 2014 OWASP ZAP Turbo Talk
Simon Bennetts
 
PDF
Virtual Security Lab Setup - OWASP Broken Web Apps, Webgoat, & ZAP
Michael Coates
 
PDF
Owasp tds
snyff
 
ODP
JoinSEC 2013 London - ZAP Intro
Simon Bennetts
 
ODP
OWASP Zed Attack Proxy Demonstration - OWASP Bangalore Nov 22 2014
gmaran23
 
PDF
“Sensu and Sensibility” - The Story of a Journey From #monitoringsucks to #mo...
Puppet
 
PDF
[OWASP Poland Day] Security knowledge framework
OWASP
 
ODP
OWASP 2014 AppSec EU ZAP Advanced Features
Simon Bennetts
 
ODP
OWASP 2013 APPSEC USA ZAP Hackathon
Simon Bennetts
 
ODP
OWASP 2013 AppSec EU Hamburg - ZAP Innovations
Simon Bennetts
 
PDF
The Final Frontier, Automating Dynamic Security Testing
Matt Tesauro
 
PDF
N Different Strategies to Automate OWASP ZAP - OWASP APPSec BUCHAREST - Oct 1...
gmaran23
 
PDF
[OWASP Poland Day] A study of Electron security
OWASP
 
2014 ZAP Workshop 1: Getting Started
Simon Bennetts
 
BSides Manchester 2014 ZAP Advanced Features
Simon Bennetts
 
Zap vs burp
Tomasz Fajks
 
OWASP 2015 AppSec EU ZAP 2.4.0 and beyond..
Simon Bennetts
 
OWASP 2013 APPSEC USA Talk - OWASP ZAP
Simon Bennetts
 
Automated Security Testing
seleniumconf
 
JavaOne 2014 Security Testing for Developers using OWASP ZAP
Simon Bennetts
 
BlackHat 2014 OWASP ZAP Turbo Talk
Simon Bennetts
 
Virtual Security Lab Setup - OWASP Broken Web Apps, Webgoat, & ZAP
Michael Coates
 
Owasp tds
snyff
 
JoinSEC 2013 London - ZAP Intro
Simon Bennetts
 
OWASP Zed Attack Proxy Demonstration - OWASP Bangalore Nov 22 2014
gmaran23
 
“Sensu and Sensibility” - The Story of a Journey From #monitoringsucks to #mo...
Puppet
 
[OWASP Poland Day] Security knowledge framework
OWASP
 
OWASP 2014 AppSec EU ZAP Advanced Features
Simon Bennetts
 
OWASP 2013 APPSEC USA ZAP Hackathon
Simon Bennetts
 
OWASP 2013 AppSec EU Hamburg - ZAP Innovations
Simon Bennetts
 
The Final Frontier, Automating Dynamic Security Testing
Matt Tesauro
 
N Different Strategies to Automate OWASP ZAP - OWASP APPSec BUCHAREST - Oct 1...
gmaran23
 
[OWASP Poland Day] A study of Electron security
OWASP
 
Ad

Viewers also liked (7)

PDF
Pentest with Metasploit
M.Syarifudin, ST, OSCP, OSWP
 
PDF
Information gath
M.Syarifudin, ST, OSCP, OSWP
 
PDF
Social Network Security & Backdooring email
M.Syarifudin, ST, OSCP, OSWP
 
PDF
Wireless LAN Security-Bimtek Kominfo
M.Syarifudin, ST, OSCP, OSWP
 
PDF
Prepare Yourself to Become Infosec Professional
M.Syarifudin, ST, OSCP, OSWP
 
PDF
IPTV Security
M.Syarifudin, ST, OSCP, OSWP
 
PDF
iCrOSS 2013_Pentest
M.Syarifudin, ST, OSCP, OSWP
 
Pentest with Metasploit
M.Syarifudin, ST, OSCP, OSWP
 
Information gath
M.Syarifudin, ST, OSCP, OSWP
 
Social Network Security & Backdooring email
M.Syarifudin, ST, OSCP, OSWP
 
Wireless LAN Security-Bimtek Kominfo
M.Syarifudin, ST, OSCP, OSWP
 
Prepare Yourself to Become Infosec Professional
M.Syarifudin, ST, OSCP, OSWP
 
IPTV Security
M.Syarifudin, ST, OSCP, OSWP
 
iCrOSS 2013_Pentest
M.Syarifudin, ST, OSCP, OSWP
 
Ad

Similar to My pwk & oscp journey (20)

PDF
Quality Management Introduction
Duy Tan Geek
 
PDF
Introduction to the DevNet Sandbox and IVT
Cisco DevNet
 
PPT
Introduction to the DevNet Sandbox
Cisco DevNet
 
PDF
Continuous Integration, Deploy, Test From Beginning To End 2014
Clever Moe
 
PDF
Ten Steps To Success
Mohan Dutt
 
PPTX
Istqb foundation level day 1
Shuchi Singla AKT,SPC4,PMI-ACP,ITIL(F),CP-AAT
 
PDF
PAC 2019 virtual Bruno Audoux
Neotys
 
PPTX
Getting started with Octopus Deploy
Karoline Klever
 
PDF
we45 DEFCON Workshop - Building AppSec Automation with Python
Abhay Bhargav
 
PDF
Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...
Codemotion
 
PDF
Use Jenkins For Continuous Load Testing And Mobile Test Automation
Clever Moe
 
PDF
Deployment automation framework with selenium
Wenhua Wang
 
PPTX
Selenium Automation at Incapsula
adamcarmi
 
PPT
Continuous Delivery Agiles 2014 Medellin
Diego Garber
 
PDF
Atlassian's Mystique CLI, Minimizing the Experiment Development Cycle
Optimizely
 
PPTX
Automated testing on steroids – Trick for managing test data using Docker sna...
Lucas Jellema
 
PPTX
DEVNET-1102 Introduction to the DevNet Sandbox and IVT
Cisco DevNet
 
PPTX
AppSec DC 2019 ASVS 4.0 Final.pptx
Josh Grossman
 
PPTX
AppSec DC 2019 ASVS 4.0 Final.pptx
TuynNguyn819213
 
PPTX
CMG imPACt2016 - Mobile performance testing - Vendor training - Federico Tole...
Federico Toledo
 
Quality Management Introduction
Duy Tan Geek
 
Introduction to the DevNet Sandbox and IVT
Cisco DevNet
 
Introduction to the DevNet Sandbox
Cisco DevNet
 
Continuous Integration, Deploy, Test From Beginning To End 2014
Clever Moe
 
Ten Steps To Success
Mohan Dutt
 
Istqb foundation level day 1
Shuchi Singla AKT,SPC4,PMI-ACP,ITIL(F),CP-AAT
 
PAC 2019 virtual Bruno Audoux
Neotys
 
Getting started with Octopus Deploy
Karoline Klever
 
we45 DEFCON Workshop - Building AppSec Automation with Python
Abhay Bhargav
 
Lars Wolff - Performance Testing for DevOps in the Cloud - Codemotion Amsterd...
Codemotion
 
Use Jenkins For Continuous Load Testing And Mobile Test Automation
Clever Moe
 
Deployment automation framework with selenium
Wenhua Wang
 
Selenium Automation at Incapsula
adamcarmi
 
Continuous Delivery Agiles 2014 Medellin
Diego Garber
 
Atlassian's Mystique CLI, Minimizing the Experiment Development Cycle
Optimizely
 
Automated testing on steroids – Trick for managing test data using Docker sna...
Lucas Jellema
 
DEVNET-1102 Introduction to the DevNet Sandbox and IVT
Cisco DevNet
 
AppSec DC 2019 ASVS 4.0 Final.pptx
Josh Grossman
 
AppSec DC 2019 ASVS 4.0 Final.pptx
TuynNguyn819213
 
CMG imPACt2016 - Mobile performance testing - Vendor training - Federico Tole...
Federico Toledo
 

Recently uploaded (20)

PPTX
pharmaceutics-1unit-1-221214121936-550b56aa.pptx
zonuntluangimph
 
PDF
M.Tech in Aerospace Engineering | BIT Mesra
BIT Mesra
 
PDF
Farming Based Livelihood Systems English Notes
Akhil Agriculture
 
PDF
Chevening Scholarship Application and Interview Preparation Guide
Leneka Rhoden
 
PPTX
Diploma pharmaceutics notes..helps diploma students
zonuntluangimph
 
PPTX
Climate Change and Its Global Impact.pptx
vaishalidobhal148
 
PDF
Disorder of Endocrine system (1).pdfyyhyyyy
[email protected]
 
PDF
Laparoscopic Colorectal Surgery at WLH Hospital
mohitsuren827
 
PDF
African Communication Research: A review
AgathaMashindano1
 
PPTX
ACFE CERTIFICATION TRAINING ON LAW.pptx
Godwin Emmanuel Oyedokun MBA MSc PhD FCA FCTI FCNA CFE FFAR
 
PPTX
4. Diagnosis and treatment planning in RPD.pptx
rakshasb
 
PDF
faiz-khans about Radiotherapy Physics-02.pdf
FrancisKazoba
 
PDF
LIFE & LIVING TRILOGY - PART (3) REALITY & MYSTERY.pdf
sureshkumarsoni26
 
PPTX
Macbeth play - analysis .pptx english lit
helenamistry
 
PPTX
PLASMA AND ITS CONSTITUENTS 123.pptx
sweet2th18
 
PDF
Fun with Grammar (Communicative Activities for the Azar Grammar Series)
JohanaWulandari2
 
PDF
Health aspects of bilberry: A review on its general benefits
Open Access Research Paper
 
PDF
The TKT Course. Modules 1, 2, 3.for self study
Aydelina Medina
 
PDF
0520_Scheme_of_Work_(for_examination_from_2021).pdf
SankariNandakumar
 
PDF
fundamentals-of-heat-and-mass-transfer-6th-edition_incropera.pdf
gloryjsingh
 
pharmaceutics-1unit-1-221214121936-550b56aa.pptx
zonuntluangimph
 
M.Tech in Aerospace Engineering | BIT Mesra
BIT Mesra
 
Farming Based Livelihood Systems English Notes
Akhil Agriculture
 
Chevening Scholarship Application and Interview Preparation Guide
Leneka Rhoden
 
Diploma pharmaceutics notes..helps diploma students
zonuntluangimph
 
Climate Change and Its Global Impact.pptx
vaishalidobhal148
 
Disorder of Endocrine system (1).pdfyyhyyyy
[email protected]
 
Laparoscopic Colorectal Surgery at WLH Hospital
mohitsuren827
 
African Communication Research: A review
AgathaMashindano1
 
ACFE CERTIFICATION TRAINING ON LAW.pptx
Godwin Emmanuel Oyedokun MBA MSc PhD FCA FCTI FCNA CFE FFAR
 
4. Diagnosis and treatment planning in RPD.pptx
rakshasb
 
faiz-khans about Radiotherapy Physics-02.pdf
FrancisKazoba
 
LIFE & LIVING TRILOGY - PART (3) REALITY & MYSTERY.pdf
sureshkumarsoni26
 
Macbeth play - analysis .pptx english lit
helenamistry
 
PLASMA AND ITS CONSTITUENTS 123.pptx
sweet2th18
 
Fun with Grammar (Communicative Activities for the Azar Grammar Series)
JohanaWulandari2
 
Health aspects of bilberry: A review on its general benefits
Open Access Research Paper
 
The TKT Course. Modules 1, 2, 3.for self study
Aydelina Medina
 
0520_Scheme_of_Work_(for_examination_from_2021).pdf
SankariNandakumar
 
fundamentals-of-heat-and-mass-transfer-6th-edition_incropera.pdf
gloryjsingh
 

My pwk & oscp journey

  • 1. PWK & OSCP JOURNEY OF MINE Created by : Syarif | @fl3xu5 August 27, 2015 1
  • 2. What’s That ? ★ About PWK & OSCP ★ The Online Training Workflow ★ My Journey to Obtain the OSCP ★ Lesson learned / Tips 2
  • 3. About PWK & OSCP • PWK ( Penetration Testing with Kali Linux) is a Penetration Testing Course created by Offensive Security • OSCP ( Offensive Security Certified Professional ) is The Certification for PWK • More information : • https://www.offensive-security.com/information-security- training/penetration-testing-training-kali-linux/ • https://www.offensive-security.com/information-security- certifications/oscp-offensive-security-certified-professional/ • https://www.offensive-security.com/faq/ 3
  • 4. The Online Training Workflow Register & Download PWK Materials Connect to the Offsec Labs The OSCP Certification 4
  • 5. My PWK & OSCP Journey Learning the PWK Materials 5 Doing the Lab Exercises Writing the PWK Report Penetration Testing the Exam Servers Penetration Testing the Internal Labs
  • 6. Learning the PWK Materials • PWK Materials Contain of : • 149 PWK Videos • 350 Pages of PWK .pdf Guide • Learn the Materials ( Videos .pdf ) • Practice them ( Hands-on ) • Write a “Study Notes” on the Keepnote 6
  • 7. Doing the Lab Exercises • Do all of the Lab Exercises Correctly • Write the Results on the Keepnote 7
  • 8. Penetration Testing the Internal Labs • Offensive Security Team will give : • A Lab Connectivity Guide + a VPN Credential • Kali Linux VM Image • PWK Report Template • Connect to the Labs through VPN • Use that VM to Pentest the Internal Lab • ONLY for Penetration Testing • Don’t Update the Metasploit / others Software 8
  • 9. Penetration Testing the Internal Labs • Hack all of the Target Machines • Write the Walkthrough Completely • Take the Screenshot and Grab the Proof files • Write the Pentest Report on the Keepnote 9
  • 10. Penetration Testing the Exam Servers • About the Challenge ( Exam ) : • 24 Hours Exam Time • Minimum 70 Points Total to Pass • Submit “PWK Report” within Next 24 Hours • Read the Exam Guide Carefully 10
  • 11. Penetration Testing the Exam Servers • Connect to the OSCP Exam Lab through VPN • Hack the Target machines with the Highest Points first • Write the Walkthrough Completely • Take the Screenshot and Grab the Proof files • Write the Pentest Report on the Keepnote 11
  • 12. Writing the PWK Report • Compiling the Report ( Keepnote PWK Report ) • The PWK Report contains of : • All of the Lab Exercises • Internal Lab Pentest Report • Exam Pentest Report 12
  • 13. Lesson Learned & Tips • Always Praying to the God • Focus on Each Steps of the Journey • Keep Calm & Never Give Up • Use Offensive Security Motto : “Try Harder” • Finish the Internal Labs & the Lab Exercises Report before Taking the Exam 13
  • 14. References : • https://www.offensive-security.com/information- security-training/penetration-testing-training-kali-linux/ • https://www.offensive-security.com/information- security-certifications/oscp-offensive-security- certified-professional/ • https://www.offensive-security.com/faq/ • https://www.offensive-security.com/offsec/say-try- harder/