Intro:
My experience with penetration testing before taking this course was nearly nothing.
Pre-Experience:
1-2 years of system administration
Almost done with a BS in IT Security
Several years of captaining a CCDC team. (Collegiate Cyber Defense Team)
Other than that, I was comfortable with Linux, Server Administration, Python and other sys-adminy type stuffs. I would highly recommend at least getting comfortable with the following concepts before jumping into the labs:
Web Servers,Linux, Windows Servers, DNS, FTP, SMB, SMTP, POP3, SNMP, etc.
You don’t need to know everything about these concepts but you should know enough to explain what they are and how they generally work.
Exercise:
The exercises are pretty well laid out. They advance slowly and near the end of the exercises, you are required to understand earlier exercises. They skim many of the concepts needed to get through the labs and it is up to the student to expound on any given topic. If you already have lots of professional experience, you might not need to go through the exercises but if you are like me, the exercises are definitely necessary.
Labs:
The labs are pretty impressive. Lots of blogs go over the structure of the lab so I will save my characters. However, the range of concepts needed to successfully get access to most of the boxes is very broad. Only a couple boxes have repeat vulnerabilities and these typically have multiple paths to root. The notoriety of gh0st, pain, sufferance and humble is definitely well deserved. I spent lots of time with these and ended up with a low priv shell on pain and nothing on sufferance. I did end up getting root on gh0st and humble though. Had I extended my lab, sufferance would have been on the agenda.
The labs were awesome at making the student build his own toolkit and create his own methodology which is where I think its real value comes in. Figuring out what tools worked best was a huge part of the learning process.
Exam:
The exam was hard. I went in not really knowing what to expect. Even though my toolkit was proven throughout the labs, it seemed as if it wasn’t enough for the exam. I spent 18 hours on the exam and at 3 AM, when my brain wasn’t working quite well, I decided to call it a day.
Fast forward a couple days.. And I got that awesome email..
We are happy to inform you that you have successfully completed the Penetration Testing with Kali Linux certification exam and have obtained your Offensive Security Certified Professional (OSCP) certification.
Recap:
Overall, I would say I learned more from the PWK and OSCP process than I have from any one course in school. Like everyone else who took it, I would highly recommend the course! It is a very rewarding exam, it will be interesting to see how much this stuff pertains to actual penetration testing! I do wish there was more AD stuff but that was about my only thought on improvements!