Toru

Master's in Cyber Security, CompTIA's Security+, CEH, OSCP(in progress)

My OSCP Journey

Like everyone else, I started watching walkthrough videos and reading blog posts in the beginning to familiarize myself with methodologies while taking detailed notes and follow along with them with my Kali Linux machine.

– Hack the box write-ups

PEN-200 Labs

–

18 boxes completed as of 03/26/2022
–

Besides working on lab machines, I've learned some core penetration testing methodologies. Below is not the complete list but the summary of the learning progress.

Port scanning with Nmap
Directory busting with gobuster/dirsearch
HTTP enumeration with Nikto and CMS scanning tools such as WPscan
SMB enumeration
Active Directory enumeration and attacks using popular tools like mimikatz and powerview, obtaining domain controller's kerberos tickets and cracking them offline to access it.
Cracking passwords with patator/john
Creating malicious executables with msfvenom
PHP command injection
Exploitation with Powersploit
SQL injection (Union attacks, login bypass)
LFI/RFI
Using Burpsuite to observe network traffics and brute force logins
Privilege Escalation techniques such as spawning a tty shell/utilizing GTFO bins to get root shells/cross compiling exploits/modifying and exploiting cron jobs)
Various Antivirus evasion techniques
Finding public exploits for vulnerable services, modifying them if needed to exploit machines
Buffer Overflow exploitation
Transferring files between Kali and the Target using different techniques

Web Application Penetration Testing

While getting ready for OSCP, I discovered that I was interested in the particular filed. Here's some of the resourced I've used to educate myself on the topic.

PortSwigger's Academy

SQL injection (login bypass, UNION attack for different database types)
XSS(Reflected, Stored, DOM)
CSRF

The WAHH

I'm in the middle of going through The Web Application Hacker's Handbook while I go through PortSwigger's web academy.

Bugcrowd University

Bugcrowd has youtube videos on some basic Web App pentesting methods.
Some topics covered were Burp Suite, Broken Access Control Testing, XSS, How to make a good bug submission.

Udemy Courses Completed

I understand taking courses is not the same as having experience, but I do believe you have to start from somewhere.

1. Heath Adam's Practical Ethical Hacking - The Complete Course

I learned the basics of Penetration Testing with this course. It covered

Effective Notekeeping for pen testing.
Linux & basic of bash scripting
5 stages of Penetration Testing
10 vulnerable boxes walk through with Hack The Box.
Active Directory exploitation (built my own lab environment)
Web application penetration testing(SQL injection, XSS. etc.)
Wireless attacks
Buffer Overflow basics

learn more

2. z Security's Learn Python & Ethical Hacking from Scratch

Programs built with this course on Python:

mac_changer - changes MAC Address to anything we want.
network_scanner - scans network and discovers the IP and MAC address of all connected clients.
arp_spoofer - runs an arp spoofing attack to redirect the flow of packets in the network allowing us to intercept data.
packet_sniffer - filters intercepted data and shows usernames, passwords, visited links ....etc
dns_spoofer - redirects DNS requests, eg: redirects requests to from one domain to another.
file_interceptor - replaces intercepted files with any file we want.
code_injector - injects code in intercepted HTML pages.
arpspoof_detector - detects ARP spoofing attacks.
execute_command payload - executes a system command on the computer it gets executed on.
download_execute_and_report payload - downloads a file, executes it, and reports result by email.
reverse_backdoor - gives remote control over the system it gets executed on, allows us toAccess file system.
Execute system commands.
Download & upload files
keylogger - records key-strikes and sends them to us by email.
crawler - discovers hidden paths on a target website.
discover_subdomains - discovers subdomains on target website.
spider - maps the whole target website and discovers all files, directories and links.
guess_login - runs a wordlist attack to guess login information.
vulnerability_scanner - scans a target website for weaknesses and produces a report with all findings.

3.Other Coding Related Courses

BLOG

I post CTF Walkthroughs and OSCP Preparation Content.

Check out my blog!

Cyber Security Projects

I believe in learning by doing.

Created a PiVPN with a Raspberry Pi
Overthewire's Bandit(Learned Linux Commands)
Directory busting with a dirbuster
Created Windows Firewall Rules
Wrote a Password Generator Program with Python
The information Gathering Project

I want to stay in touch with you! Follow me on social media!

Toru

Master's in Cybersecurity and Information Assurance

Class of 2021

Obtained Skills Through the Degree

Certifications

My OSCP Journey

Check out the CTF boxes I've completed so far here

My extensive Pentesting notes can be found here

Web Application Penetration Testing

PortSwigger's Academy

The WAHH

Bugcrowd University

Udemy Courses Completed

BLOG

Cyber Security Projects

I believe in learning by doing.

Toru

Master's in Cybersecurity and Information Assurance

Class of 2021

Obtained Skills Through the Degree

Certifications

My OSCP Journey

​Check out the CTF boxes I've completed so far here My extensive Pentesting notes can be found here

Web Application Penetration Testing

PortSwigger's Academy

The WAHH

Bugcrowd University

Udemy Courses Completed

BLOG

Cyber Security Projects

I believe in learning by doing.

Check out the CTF boxes I've completed so far here

My extensive Pentesting notes can be found here