Recently I signed up for the Penetration Testing with Kali Linux training offered by Offensive Security. The course itself details various penetration testing concepts and consists of a training PDF, hours of guided video, technical exercises to complete, and a robust lab environment to practice different types of exploitation. I already have a career in IT and the security space, but I wanted to ensure my skillset remains up to date and the PWK course seemed to be a perfect candidate.

The Good

The Penetration Testing With Kali Linux training course and OSCP **certification is unlike any I’ve pursued prior. While most IT training courses consist of “study for two weeks and take an exam in a shared testing room”, the PWK course is a different beast entirely. Going in to the course I had my Security+, Certified Ethical Hacker certification, and a strong ITIL background in system administration and architecture. Despite my prior learning, the technical skills and methodology taught in the course is something I wish I had 20 years ago — when I was just a young man hacking away in Visual Basic 6 (vb6.exe!).

The lab network itself is a robust amalgamation of exploitable software, web applications, a well-thought out corporate narrative, and even a few easter eggs. While some low hanging fruit is offered in the form of Windows 2000 and Windows XP boxes, harder challenges persist on lab servers aptly named as SUFFERANCE, PAIN, and HUMBLE. After completing the PDF exercises and watching all the video content I can say the lab network itself is where the course shines. Techniques like local and remote file inclusion, SQL injection, pivoting through networks, privilege escalation, and simple buffer overflow are all covered in depth.

One thing I feel that has been the most beneficial to me through out my training is learning the difference between the types of shells, staging policies, and how different code bases may affect desired results. With the skillset I’ve gained from the training I feel that I can approach any penetration test and feel relatively comfortable writing my own scripts, enumerating, and exploiting servers.

The Bad

The training course requires a great deal of time, effort, and self-dedication. I purchased 60 days of lab time and it’s been a great effort on my part to feel like I’m putting in the time and research needed — all while progressing my career, operating as a Director for two separate IT departments, maintaining a healthy relationship, taking care of two pets, looking for a new residence to live, and whatever other issues of the day/week occur.

I’ve heard war stories from fellow students that have had to re-up their lab time due to life commitments and others that have had to attempt the final exam multiple times. Depending on your pace you may root 3 or 4 boxes in one night, but spend the next 3 days with your head on the desk chipping away at a single server.

Sometimes you’ll think all is lost, but then something like this happens

The Other

The final exam for the course itself is a 24 hour hack session in a totally new network. I’m not looking forward to the lack of sleep and increased consumption of sugary energy drinks, but I’ve pulled all nighters working on code and problems prior and I feel that I can still do it while approaching middle age. I will definitely miss the lab network and the challenges I pursued while taking this training.

I have to say hats off to Offensive Security for designing a course that’s fun, challenging, and reinforces a lot of the penetration testing methodology that one should know. I’ll be taking my final exam in a few weeks at which point I’ll post another review detailing the last half of my experience in the course.

Note This content was originally posted at https://medium.com/@forwardsecrecy/oscp-half-way-review-c27f3e04bcbb and is being re-hosted here for archival purposes.