About one year ago, my colleague Trevor O’Donnal wrote a blog post, “Why a 17-Year Veteran Pen Tester Took the OSCP,” which detailed his experience with the certification, why he pursued it, how it works, and his thoughts on it. Trevor and I are very similar in some ways and very different in others. We are both members of the “Moose Dojo,” or the Rapid7 penetration testing team. We consider ourselves the, well, more life-experienced members of the team. If that’s not clear, we’re both older than most members of the team (even 20 to 25 years older, in some cases).
The main way that Trevor and I differ is that he has 18 years of penetration testing experience, while I am a relative newcomer to the field. I’ve been a minor league baseball athletic trainer, a Java instructor, and a PHP developer, and have done some incident response work. My pentesting career will be four years old as of this coming April. I don’t have the same experience as Trevor, and virtually everything I’ve learned about penetration testing has been through my teammates at Rapid7. So, taking Offensive Security’s Penetration Testing with Kali (PWK) class to get the Offensive Security Certified Professional (OSCP) certification was a pretty new challenge for me.
Learning how to enumerate targets
In Trevor’s blog post, he wrote about how the methods he’s always known and used in his career were challenged and how he had to learn new techniques as he pursued the OSCP. In my experience ..
Support the originator by clicking the read the rest link below.
