Great video! I've watched all of your "OSCP" series and I must say that you motivated me to take the PWK course, which I'm focused on since January. Can't wait for more videos

@c0nd4

3 жыл бұрын

That's awesome news! Good luck with it. I'd recommend doing a lot of HTB machines before starting PWK.

Really helpful thank you!

@c0nd4

3 жыл бұрын

No problem 😁

Thank you bro 🙏

Insightful

Great video, you really deserve more views/subscribers. Quick question: Do we get to know which box is the buffer overflow during the exam or do we have to figure that out on our own?

@c0nd4

3 жыл бұрын

Thank you! They make sure you know which box that is.

Hey man great video I Have one question, regarding AD scenario in the report..... For example if you have 4 machines lets say that the one machine was compromised and the with enumeration you were able to find doman admins and then you can rdp to other and the DC, how would you report it in the exam... Because the vulnerability might be one the first machine broke but I wonder how to report the other ones if they are compromised with just a login... and also if you use autorecon for info gathering just copy and pasted the output or re ran the commands?

Great advice 🙂

@c0nd4

2 жыл бұрын

Thanks!

@kandarpareddykatha1418

2 жыл бұрын

@@c0nd4 I really need help from someone to prepare for oscp exam

@c0nd4

2 жыл бұрын

Feel free to join my Discord and ask questions there!

@kandarpareddykatha1418

2 жыл бұрын

@@c0nd4 Thanks alot🤗

I’m planing on starting my OSCP journey by the end of the year after finishing my Masters Degree. Do you recommend getting the 90 days package ? I wanna make sure I can go to the course carefully, without worrying about killing all my lab time.

@c0nd4

3 жыл бұрын

Yes I would recommend getting the 90 day then. Also, I would highly recommend rooting 20-30 HTB machines before starting. That will give you a really good foundation to work off of.

@DavidAlvesWeb

3 жыл бұрын

@@c0nd4 I'll do that for sure! HTB and some VulnHub machines as well :) Thank you for responding! :D

@tomschwab3111

3 жыл бұрын

They now have a 365 day lab. Recommend that.

How long did you mean by break?

How would you say is the best way to narrow down what exploit to use after finding a bunch of exploits. Sometimes most of my time gets wasted because I try ALL of them until one of them hits. I don’t have a problem with that, but for the oscp I need to be working efficiently

@c0nd4

3 жыл бұрын

Unfortunately I don't really have a great answer for that. If there are multiple exploit scripts available for the same CVE, I would usually try them until one works. Many times they will require some slight modification. Wish I had a better answer for you.

@iakashx

3 жыл бұрын

- Check for Vulnerable application / service version. - Check CVE - Use most recent / updated exploit. Sometimes 2nd version or 3rd version is mentioned (in searchsploit exploitDB) Use intersection of all the above points. Finally - Keep some exploit in ready to use state like (php-reverse-shell / eternal blue MS17-010)

@younesmohssen8158

3 жыл бұрын

@@c0nd4 haha that’s alright no worries. I really love the channel by the way! Great work

@younesmohssen8158

3 жыл бұрын

@@iakashx ahhh niceee thanks a lot akashhhh :))

@c0nd4

3 жыл бұрын

Thank you! 😁

OSCP Exam on 9th May 2021 , Wish me luck .

@c0nd4

3 жыл бұрын

That's awesome!! Good luck with it

@Itsyaboi2538

3 жыл бұрын

Same! Good luck my man!

@vipuldev1283

3 жыл бұрын

@@Itsyaboi2538 You too Bro . Let's Congratulate each other after that

@SpragginsDesigns

3 жыл бұрын

Hey buddy! How did your OSCP exam go? I hope it worked out well.

@vipuldev1283

3 жыл бұрын

@@SpragginsDesigns Failed bro . But Enjoyed the whole OSCP journey and I am on HTB now will retake it in future

I would caution against recommending scanning all ports at once. Build a list of most common ports. Scan the most common ones first. If nothing comes back, scan all of them. This way, first time exam takers won't waste time. I don't have an OSCP cert, so take it with a grain of salt.

@c0nd4

2 жыл бұрын

Missing an obscure open port is a common reason for people failing this exam, so yes I do still recommend scanning them all. Adding verbose flags to nmap will make it output open ports as they're found so it doesn't end up taking much extra time to hit common low ports.

what kind of machines we need to practise? i mean do i need to practise forensics,reverse engineering...?

@c0nd4

2 жыл бұрын

If you're curious about the topics in scope, I'd recommend looking at the course syllabus. It's public and lists everything taught, so it should give you a good idea of what to expect.

During the exam, you're aloud search things on the internet & watch like youtube PoC videos yea?

@c0nd4

3 жыл бұрын

Yep! Google is your friend

@michaelod8841

3 жыл бұрын

@@c0nd4 Thanks, i'm hoping to get my OSCP by the end of the year. January was the first time i've ever done any pentesting but i've been doing it pretty much non-stop since then. I'm currently doing Virtual Hacking Labs and have rooted 20 machines in just over 10 days. I'm then planning to move onto Proving Grounds and then get the PWK. How long had you been pentesting before you took the exam? Did you have much other experience like on VHL or HTB etc?

@c0nd4

3 жыл бұрын

Good luck! I had been doing HTB for about 2 years before starting PWK

no hair :(