The OSCP has been the suggested “go to” certification for penetration testers since I have been in the infosec field, almost six years as of this writing. At one time, it was the only pen tester certification around. We used to call it the “hacker high school diploma.”
To this day, I still suggest this to budding practitioners. But the question is, with so many other fish in the pen tester certification pond, is the OSCP still worth the effort or are there better options? This post will examine the OSCP to determine if it is still the most viable entry-level certification for breaking into the ethical hacking field. *Fun fact, the certification was released in 2006 under the name “Offensive Security 101.”
Server Message Block (SMB) is a service often overlooked by new penetration testers. This is an unfortunate result given the valuable information and opportunity for a quick initial foothold on a network. Do yourself a favor and don’t make this mistake as a budding hacker.
This blog will act as the first part in the SMB series to cover avenues for enumeration and paths to getting initial access, both applicable to the world of CTF boxes and to real-life penetration testing. Null sessions are one piece that pops up in CTFs consistently and in the real world every so often. Regardless, many of the techniques demonstrated here can be used alone or with a limited account. Enjoy the blog and let me know your favorite technique to pair with a Null Session.
The attacker methodology is a fantastic framework for thinking about how attackers go about hacking stuff. You will use it whether you would like to or not during the OSCP process.
The methodology consists of many steps. The first is to figure out what you are attacking, aka enumerating ports and services. Many people approach this phase with half-heartedness, jumping on the first clue they find. Contrary to your giddy ego, you probably will not find your way into a system within the first five minutes. Maybe. But chances are slim. In this blog post, we will discuss tools and techniques used to gather data on your targets to set up an avenue for additional recon. Other blog posts will cover other types of recon, including web applications specifically.
The OSCP is an animal indeed, but it most certainly can be conquered. This blog will be an overview of the methodology I used during the labs, not necessarily for pen testing projects. I have simplified some of the commands for better understanding. Keep in mind that this is just what I found useful for my style of testing; you can use parts or the whole thing, but feel free to color outside the lines with this. Have fun and please send feedback with any improved commands or tricks you find helpful.
Author: Silverbits