​This morning I was in TryHackMe trying out the Wonderland series for the first time. I came across a common use case with web enumeration and thought that it would make a great blog post. Directory bruteforcing is what I’m talking about. It’s a common task we come across when testing web applications. But how many times have you been like I wish I could do this recursively? I know I feel this way every time I use my favorite tool, GoBuster. The tool is just so fast I can’t imagine using anything else. Well the good news is there are a couple of other tools on the block you should consider. In this post I will be talking about Feroxbuster. 

Tons of stuff going on in the last couple of months. Here is my monthly(ish) update.

The OSCP has been the suggested “go to” certification for penetration testers since I have been in the infosec field; almost been six years as of this writing. At one time, it was the only pen tester certification around. We used to call it the “hacker high school diploma.”

To this day, I still suggest this to budding practitioners. But the question is, with so many other fish in the pen tester certification pond, is the OSCP still worth the effort or are there better options?

This post will examine the OSCP to determine if it is still the most viable entry-level certification for breaking into the ethical hacking field.
​
*Fun fact, the certification was release in 2006 under the name “Offensive Security 101.”