You’re Getting Your OSCP

Back to Back to Back

Hi everyone!

Where do I even begin?

I was wrapping up a web application penetration testing internship the last time I posted. Before that, I was an intern as a Cloud Security Associate. My goal this year was to take a few months off to decompress and focus on getting the OSCP.

Well, that didn’t pan out, and I’ve landed another internship.

What’s different this time? Well, to begin, it’s paid! So I’m feeling good about that aspect. However, it doesn’t align with my goal of getting a penetration tester/red teamer position. But, here’s the thing — it does do something called compounding, which exposes me to various fields in Cybersecurity, and keeps building what matters the most. Experience.

So, here I am, an intern in the Consultant Development Program at Tevora, working in PCI Compliance. For those unfamiliar with the term, the Payment Card Industry handles all credit card transactions from the point of sales devices you’ll find at your local merchants. You swipe your card, and there’s a process that happens in a matter of seconds to confirm you have funds available in your account, then approve your transactions.

What I’ve been doing is getting trained on how the payments industry works, reading through many technical reports, and learning how to write them. It’s a meticulous process that requires attention to detail and willpower to push through all the technical documentation. It’s my second week, and I have several projects to work on.

My eyes are strained, and I’m lost like a mother fucker. I guess that’s how things usually are when you start something new.

My time is dedicated to my current job, with very little time contributing to the OSCP. My lab time will run out in about two weeks from today. I’ve been focusing my energy on learning Active Directory because of the new exam format.

I’ve built a lab using TCM’s ethical hacking course. That gave me a general idea of what to expect however the Offsec labs have a much different approach. I find their material to be vague and difficult to digest. I don’t feel prepared at all, and I’m likely to fail because it’s all or nothing on the AD portion of the exam.

My goal for the 6 Mar 2022 (exam date) is to focus entirely on Active Directory and get the 40 points since it’s an all-or-nothing challenge. I know I won’t pass on my second attempt, but I’m looking forward to getting the most out of the experience.

Next on my agenda is to get the eCPPT. I have unlimited lab time and will take the exam this Summer. I’ve also been reading some really great reviews about the PNPT, so I think I may follow up with that certification.

Yeah, that’s pretty much it for now.

I just want to say Happy New Year to everyone out there. Thanks for following my journey into penetration testing and Cybersecurity!

--

--

--

Short stories about my journey in Information Security | Penetration Testing and perspective of a Neuro Divergent Hacker.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Governance arrives: “House of Degens”

{UPDATE} 【ひっぱりパズル】ズキュ〜〜〜〜ン! Hack Free Resources Generator

How to Add Password Strength Meter in WooCommerce?

How to Add Password Strength Meter in WooCommerce?

Stop saying VPN’s will protect your internet searches from being seen.

3 Reasons your email server is a ticking time bomb!

Shib Coin Daily 5/29/2022

7 Most Common Type Of Cyber Attacks

Most Common Type Of Cyber Attacks

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
THE NEURO DIVERGENT HACKER

THE NEURO DIVERGENT HACKER

Short stories about my journey in Information Security | Penetration Testing and perspective of a Neuro Divergent Hacker.

More from Medium

Week 1: Introduction

PNPT Writeup/Review

Learning How To Ethical Hack: Step 4 — Sign up for PEN-200 OSCP Certification Course

Cyber Security, IT and Other Success Stories