OU blog

Personal Blogs

my face

day5

Visible to anyone in the world

Family came round, nieces  partners birthday tommorrow so lost several hours while sat outside in the sun, it was warm and everything ... how strange

Almost got the full section for web applications done, theres the final burpsuite module and the 2 accompanying practicles. I could probably read through the slides but looks like you need to follow along to get the most out of them.

So think i will pull an early night to make sure im up with the larks to crack on, in the morning.

In other news i checked out the OU HtB team, about 60% of the members dont have any owns on thier profile at all which is somewhat confusing but they are ranked in the top 20 teams (currently rank 11).

short one today, night night


Permalink Add your comment
Share post
my face

day 4 wriiten on 5

Visible to anyone in the world

This is becoming a habit, writting the day after, bu still writing so improvments have been made right?

need to update my C.V. abilities: massivley over estimates study ability and expected length of concentration.... that will help get a job right?

I did the whole networking section leaving just the web application section to go until this module/section is finished. Guess i wont be finishing the course this easter weekend.

Still work and progress are coming, also went back and finished hackthebox Lame, the metasploit shell stopped working so spent hours tryign to get in with smb and then pivot but none of the commands i could find,(even checked guides) worked but then stumbled acress the fix for metaploit.

Setting LHOSTS to ton0 instead of the leaving it at default self set or manually entering the vpn ip and hey presto it worked again. Got the user flag this time to finish the box as i got root last time and didnt realise i needed user as well.

Also the OU has a hackthebox team and cyber secuirty club thing going on will have to look into this.

More coffee and lets go learn http protocol stuf and burp suite.

Permalink Add your comment
Share post
my face

day 3... well 4 .. bit still 3

Visible to anyone in the world

Ok technically its day4, but i was tired so went to watch a film in bed instead of writting last night.

After a day full of much youtube procrastination and new episodes of "hawk and winter soldier" and "for all mankind" we managed to achieve complete the pen test section at the bottom, finishing the intro section at the top and about half of the networking section.

Also realised my youtube feed is full of 'shorts' weirdly this happened before ever looking at any of them, spiffingbrit warned us about this in one of his total fair and balanced videos .....

anyway need to go study more networky stuff, see if i can finish the pen test prerequisites today and start the actual penetration testing section tommorrow, which will leave us the scripting section to do at our leisure.

study time ^_^


Permalink Add your comment
Share post
my face

day2 ...uhh work

Visible to anyone in the world

First day back at work after nearly 2 weeks off to study.

Work was good but kinda tired today so slacked a lot, unfortunatley. Dont think i could handle any heavy technical sections of anything so covered the binary/hex maths section of INE's Penetration Testing Prerequisites.

As I'm terrible for skipping note taking as it just seems to take forever writting them, a new tract of using digital notes organsied with Cherry Tree is underway. While written notes are better for recall than typed the time differance is just to harsh a penalty. Set up the section and subsections for the pen test life cycle and have covered a chunk of that module making notes as i go. Pretty nice that you can break subjects down it to chapters and subchapters to make specific sections easy to find.

Think this will be all for today, screw around on cybersec twitter and get a few more subsections of pen test life cycle chapter done.

But 4 days off again (thanks bankholidays) so with a little effort i may be able to cover most or all of the INE pentester course and be ready'ish for the eJPT over this weekend. If time is an issue I can skip some of the programming in the middle module of the course as it is not required to pass eJPT. Bash and python will be a lot more useful than c++ in hackifying things anyway so can come back for the c++ lessons later if need be.

Early start tommorrow and see how far i can push before my brain tries escaping.


Permalink Add your comment
Share post
my face

dumbassery of all challenges

Visible to anyone in the world

Ok, i really dont like writting especially blog type deals

However i need to start getting used to it so go with something free and easy to use, hey presto thanks OU.

So having recently swapped degrees to cyber sec for the funsies i find myself with nothing to do until October. Being generally idiotic and bored I decided to jam as many cybersec course as i could into the timeframe possible. Starting with the Cisco cyber-ops associate, as open-learn has a nice free course (GICAST) that if you pass with a score of 70%+ you get a near 50% discount voucher for the 200-201 exam ^_^

Finished the course today and scored over 70%, not by a margin i'm anywhere near proud of but hey, made it and thats the important part right now. Now I have to wait for the score to come back for the practicle assesment which was full of siem work using ELSA which wasn't taught in the course >_<.

So heres where the dumbassery and challenge comes in, 6 months and 5 days until the 6th Oct start date, 6 months to pass the eJPT by INE using thier wonderful free training then with a premium account on hack-the-box a list of boxes to hack to train for the OSCP from TJ_null and the youtube channel of ippsec we are attempting to go 0 to OSCP in 6 months.

While gaining a few other needed certs for blue teaming (cybrops 200-201, splunk, ndg linux essentials) training in blueteam on rangeforce (90% discount for studnets btw go grab it) and blogging about the whole thing becasue it just might force me to try harder, can't really be typing "today i just watched random pointless stuff on youtube" that would just get embarassing fast

so yeah challenge set 6 months to do

Cisco cybrops 200-201
eJPT
OSCP
Splunk user cert
Ndg Linux essentials

and blog about the whole thing, guess I reall am an idiot ^_^


TJ_Null's OSCP style practice box list
(https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/edit#gid=1839402159)

Permalink
Share post

This blog might contain posts that are only visible to logged-in users, or where only logged-in users can comment. If you have an account on the system, please log in for full access.

Total visits to this blog: 120