I’ve been working through Georgia Weidman’s book, Penetration Testing: A Hands-On Introduction to Hacking, in preparation for starting the Penetration Testing with Kali course and the OSCP Certification that follows. Educating myself and honing my skillset will be my full-time career for the next few months as I attempt to knock out the OSCP and whatever other certifications I require in order to get a solid foot-hold into the Penetration Testing career field.
So far, my biggest hurdle has been dealing with all the changes in the various tools and environments that have been released since the publication of Weidman’s book. It’s an excellent resource, and I’m learning a great deal… But part of what I’m learning is to always check the manual pages for each of the tools I’m using, as many of them have changed syntax and functionality.
Some of the techniques in the book no longer work, and as a result I’ve had to get creative and find my own ways around some of the road-blocks I’ve encountered. I’ve already encountered two or three situations where the attacks and exploits outlined in the book no longer work, but each time I’ve managed to find another route by which to achieve the same ends. In my opinion, that’s one of the beauties of working with the book: it’s teaching me to be resourceful and dynamic.
While I won’t be able to share any specific details of the PWK/OSCP labs, I’ll be trying my hand at a number of CTFs from HackTheBox and VulnHub, and I hope to post some solid write-ups as I work my way through each challenge. So stay tuned, and perhaps we can learn something together!