Penetration Testing mailing list archives

Re: OSCP ?

From: "Saif El Sherei" <SSherei () npcegypt com>
Date: Thu, 4 Nov 2010 22:19:20 +0200

The best thing you learn dueing the course is you leaen how to thunk out of the box and try harder. I took the course 
its amazing the material teaches you everything you need to know about the subject of pentesting if u finish the final 
challenge before entering the certoficate challenge you should be fine. The thing abouy the exam is that you need tp 
think out of the box a little. And isnt this what's security all about.  the whole idea behind pentesting and 
vulnerability research and exploitation is thinking out of the box. Thats the whole concept. 

Also IMHO if they exam was like the material then where is the challenge?  

The best advice you can have during the course is 'Try Harder' :D

Regards,

Saif El-Sherei
OSCP


Sent from my iPhone

On Nov 4, 2010, at 10:08 PM, "Yiannis Koukouras" <ikoukouras () gmail com> wrote:

It is a really meaningful certification, but I was surprised to see
that the study material was not corresponding to the exam. e.g. There
is whole chapter dedicated on metasploit and you are not allowed to
use metasploit during the exams!!!

IMHO, the reading material should describe things that are in scope of the exam.

Other than, it is the only cert who's ownership actually means that
you are pretty good on the subject.

P.S. I am talking about v2.6. I hope that v3.0 has a different structure.

Ioannis (Yiannis) Koukouras
CISSP, CISA, CISM
MSc in Computer Systems Security
BEng in Electronic Engineering
http://www.linkedin.com/in/ikoukouras
---
The information contained in this communication is intended solely
for  the  use  of the individual or entity to whom it is addressed
and others authorized to receive it.  It may  contain confidential
or legally privileged information.  If  you  are  not the intended
recipient you are hereby notified that  any  disclosure,  copying,
distribution  or  taking any action in reliance on the contents of
this  information  is  strictly  prohibited  and  may be unlawful.

If you have received this communication in error, please notify the
sender immediately  by  responding  to this email and then delete
 it from your system.


On Wed, Nov 3, 2010 at 10:39 AM, Enis Sahin <enis.c.sahin () gmail com> wrote:


I am thinking about enrolling to the course but I'm curious about one
thing. Everybody keeps saying that it is a very challenging course
with a tough exam and especially the chapter about buffer overflows
seem intimidating. Is the course material enough to get past those
parts during the exam? If not how much extracurricular activity should
I perform?

I bought the Gray Hat Hacking book to study about buffer overflows
before the course starts because I'm worried that the lab time won't
be enough to learn enough assembly and debugging to start writing
exploits and practice other chapters covered in the course.

How was your experience with it?

Enis

On 1 November 2010 19:22, Onken, Skyler <onk08001 () byui edu> wrote:

Anybody taken the eLearnSecurity course? I would be interested in seeing how it compares to the PWB/OSCP online 
version.  I am guessing that most of you took the PWB live course?
________________________________________
From: listbounce () securityfocus com [listbounce () securityfocus com] on behalf of Chad Uretsky [curetsky () 
yahoo com]
Sent: Tuesday, October 26, 2010 10:38 PM
To: Dan Crowley; pen-test () securityfocus com
Subject: Re: OSCP ?

Phil,

I agree with Daniel.  The curriculum is very well done, the labs really help
solidify the understanding of the material, and the cert exam is probably the
most challenging and practical that I've taken to date.

Kind regards,
Chad Uretsky

----- Original Message ----
From: Dan Crowley <dcrowley () coresecurity com>
To: pen-test () securityfocus com
Sent: Tue, October 26, 2010 2:49:29 PM
Subject: Re: OSCP ?

Hi Phil,

In my opinion, the OSCP certs are one of the few infosec certifications
out there that actually means anything. It's very hands-on, and the
material is deep and at times can be brutal for the inexperienced.

Highly recommended.

Cheers,
--
Daniel Crowley
Technical Specialist
Core Security Technologies
Direct: +1 (617) 695-1151
Fax: +1 (617) 399-6987

"All the forces in the world are not so powerful as an idea whose time
has come." - Victor Hugo

On 10/22/2010 12:45 PM, Phil wrote:

Hello-

First post here,.... Looking for opinions of, or experience with the OSCP
(Offensive Security Certified Pentester) curriculum.

Thanks!
Phil

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do
a proper penetration test. IACRB CPT and CEPT certs require a full practical
examination in order to become certified.


http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do
a proper penetration test. IACRB CPT and CEPT certs require a full practical
examination in order to become certified.


http://www.iacertification.org
------------------------------------------------------------------------




------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB 
CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB 
CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

Current thread:

Re: OSCP ? d3vil (Nov 01)
- <Possible follow-ups>
- RE: OSCP ? Onken, Skyler (Nov 01)
  - Re: OSCP ? Enis Sahin (Nov 04)
    - Re: OSCP ? Yiannis Koukouras (Nov 04)
    - Re: OSCP ? Saif El Sherei (Nov 04)
    - Re: OSCP ? DaKahuna (Nov 05)
- Re: OSCP ? tic (Nov 08)
  - Re: OSCP ? Geoff Galitz (Nov 08)
    - Re: OSCP ? Scott (Nov 08)