Baby Steps – HTB and AWS

In the last week I watched through the first module of the AWS CCP training. It was fairly straightforward and reiterated things I already knew. There were some AWS-specific things that I learned, such as the pricing model. But otherwise the module was mostly “this is what the cloud is”.

I also finished all of the free boxes in the HTB starting point. Starting out these were pretty simple and I had no issue going through them, but the last section had a couple of boxes that stumped me.

Responder


This box took me a bit longer than the others (and yes I know it’s a “VERY EASY” machine). I hadn’t used Responder before and I wanted to make sure I actually understood what was happening before copying and pasting commands.

Once I had that down it was a pretty simple step-through, but it gave me a good base knowledge of the Responder tooling.

Unified


The other box that took me a bit was Unified. In this case the part that slowed me down was interfacing directly with a MongoDB instance. I hadn’t done that before outside of basic NoSQL auth bypasses, so it was interesting and a good learning moment to go through the Mongo documentation to be able to read and modify data inside of a DB the way it was intended to be done.

I want to hear from you

If you have any recommendations on HTB boxes or other trainings I should try, feel free to leave a comment on this post or submit a form on the contact page.

The Beginning of Journey – HTB and AWS

Actual starting point

In my last post I gave a potential outline for how I want to spend the next two years, gaining certs and knowledge to eventually obtain the OSCP certification. Today I spent time determining where to actually start.

The first thing I had to consider was cost. Looking through HackTheBox’s pricing options I determined that subscribing to the Labs (for about $20 a month) would fit my goals. This will get me access to the different boxes, challenges, sherlocks, etc.

To supplement the Academy I will be leaning on YouTube and other free options for stepping through the specific environment based on the enumeration conducted.

AWS Cloud Practitioner

To begin my journey of obtaining the AWS Cloud Practitioner I will spend the first month (and a half, I have a trip during September and will be away from my lab at that time) splitting time between the free courses offered by AWS, YouTube videos, and other recommended materials.

This will give me more than enough time to learn the required material for the certification, as I do have hands-on experience in AWS environments, while also allowing me time to do labs to keep me from getting reading/watching AWS video burnout.

Summary

I will be spending my personal development time from now until the beginning of October studying for the AWS Cloud Practitioner certification and digging into the HTB Labs. Any helpful resources I will link in another post; this will be true for any certification, lab, etc.


Support Me

This is something that I’ll tack onto the end of my monthly update posts; it’s a small way to support my journey. It’s above and beyond and there are not ANY posts or content that are paywalled. The only benefit that you get is good karma and (if you do $3 a month) your username on the Supporters page.

My OSCP Journey – Why I’m Pursuing OSCP

Who I am

My name is BK. I am a web application and external network penetration tester looking to grow in my career and within the public facing cybersecurity space.

To do that I am leveraging this site to post my goals, reviews, pitfalls, and updates on my learning journey. I am a big proponent of being a lifelong student, especially in the cybersecurity space.

I will be balancing the huge prices of training and certifications as well as time commitment the best I can, using this blog to help keep me accountable in my journey.

Why OSCP?


The OSCP certification is my main target as a penetration tester. There will be others before and others after, but this is what I am shooting for in the meantime. This cert specifically because of its industry recognition and its hands-on exam that shows that I can do more than guess A, B, C, or D correctly (no hate on multiple choice exams, they have their place too).

My Current Roadmap

My current roadmap is set to run about 2 years (when I can hopefully get a rotating to access enterprise content through Offensive Security). This is subject to, and will absolutely change during this time as I will learn what works and what doesn’t.

This roadmap has an expected OSCP exam time of 15 months. I put it here because I am unsure of when I’ll get access to the training material, and it may need to be pushed back if I am covering costs myself. After that there is room for a potential OSEP (wishful thinking, I know) and more personal career-based moves.

Again, I am writing this as a way to keep myself organized and disciplined in my endeavors.

I don’t have Security+ or THM on here because I already have the Sec+ certification and have paid my dues in THM.

Year 1: Building Range and Depth

| Month | Focus | Certifications | Labs |
|---|---|---|---|
| 1 | Planning & Setup | | HTB Starting Point |
| 2 | Cloud Fundamentals | AWS Cloud Practitioner | AWS labs |
| 3 | Azure Fundamentals | AZ-900 | Azure sandbox |
| 4 | Active Directory & Enumeration | | HTB Easy Boxes, Proving Grounds |
| 5 | CRTP Prep | CRTP | Pentester Academy labs |
| 6 | CRTP Exam | CRTP | BloodHound, PowerView |
| 7 | eJPT v2 Prep | eJPT v2 | HTB Medium Difficulty |
| 8 | eJPT v2 Exam | eJPT v2 | HTB Web Challenges |
| 9 | PNPT Prep | PNPT | TCM labs |
| 10 | PNPT Exam | PNPT | External/Internal labs |
| 11 | OSCP Prep Begins | | PWK lab setup |
| 12 | OSCP Lab Work | | PWK labs |

Year 2: OSCP Grind & Career Building

| Month | Focus | Certifications | Labs |
|---|---|---|---|
| 13 | OSCP Lab Work | | PWK labs, HTB Hard Boxes |
| 14 | OSCP Lab Work | | PWK labs, custom setups |
| 15 | OSCP Exam Attempt | OSCP | PWK exam |
| 16 | Recovery & Reflection | | HTB, Proving Grounds |
| 17 | Advanced Web & AD | | HTB Hard Boxes, AD labs |
| 18 | Red Team Foundations | | C2 frameworks, evasion labs |
| 19 | OSEP Prep | OSEP (maybe?) | OffSec labs, HTB Insane Boxes |
| 20 | OSEP Exam Attempt | OSEP | Custom attack chains |
| 21 | Cloud Security | AWS Security Specialty (optional) | AWS labs |
| 22-24 | Future Planning | | |

Contact

Please feel free to leave a comment under this post (moderated) or go to the contact page to let me know your thoughts, if you have any tips, or pitfalls you may have found when pursuing certifications or in the industry in general!