Since doing the Advent of Cyber 2 event on TryHackme in December 2020, my interest in cybersecurity was well and truly sparked. In the following year I spent countless hours learning about various different skills, exploits and techniques in an effort to become proficient at penetration testing. My main goal eventually is to achieve the Offensive Security Certified Professional, or OSCP certification. This certification is an entry-level one that seems to be the industry standard for anyone looking to get into ethical hacking or penetration testing.
The resources I've used the most to help hone and improve my skills have been TryHackMe, HackTheBox and more recently the Offensive Security proving grounds.
At the time of writing I have completed a total of 175 rooms on TryHackMe and am currently ranked 1781 on the site, which is in the top 1%. The rooms I've completed on TryHackMe have been a mixture of tutorial style rooms where I've learned techniques such as enumeration, privilege escalation, buffer overflow exploits and web application vulnerability testing, and also capture the flag (CTF) rooms where I've successfully managed to hack into and gain administrator/root privileges on various servers without any guidance.
These rooms have been a fantastic starting place and have helped me learn the basics and the overall methodology behind basic penetration testing.
I have been less active on HackTheBox than TryHackMe. I signed up to HTB with a more specific purpose. There is a list of HTB boxes that are said to be really good practice for the OSCP exam. I signed up to HTB with the goal of completing these boxes.
Of these boxes I have completed the following:
My goal for next year is to have a go at some of the more difficult boxes on HTB and to improve my enumeration skills. I have found the HTB boxes to be a tad more difficult than the rooms found on TryHackMe, or at the very least a little more realistic.
In December of 2021 I signed up to the Offensive Security Proving Grounds in order to get an idea of how ready I am to sit the OSCP exam. The proving grounds contain some retired former OSCP exam machines, so this is a really valuable resource.
Unfortunately my experience with the product has been less than ideal, with VPN issues and web GUI performance problems. That being said, when it has worked it has been very eye-opening.
I have learned that my enumeration skills need to be improved. I feel like the proving grounds have much more realistic machines available and it will really help me level up before I take the plunge and go for the OSCP.
Capture the Flag (CTF)
I attended the Norway Developer Conference (NDC) in Oslo in December last year and took part in a Where's the Flag (WTF) event hosted by DNB. I was in the lead after the first day, but ended up in 2nd place overall. This event was really good fun and contained a lot of different types of challenges. There was encryption, web, exploits, coding and physical challenges. I became a bit obsessed with it and spent a lot of time trying to find the necessary 300 points to get the lead, but in the end I just ran out of time. It still bugs me a little bit that I never found out what I was doing wrong with the 3 challenges I focused on.
I did actually manage to find a weakness in the sign-up process for the event itself though, which was not part of the challenge. This allowed me to create any number of fake users on the leaderboard, with any name, valid or not. The event was supposed to allow sign-up only with a valid Google account, however I found a way to buypass this. I of course notified the creator of the event, who was thankful for my feedback.
It's difficult to know what the future may hold but I'm hoping to find enough time this year to at least have 1 attempt at obtaining the OSCP certification. That is my goal for 2022 anyway. I also hope to take on more security related responsibilities at my current project at work.
If anyone has any advice or guidance on a better way to approach practicing for the OSCP exam, please feel free to get in touch with me on twitter, @GarethOates.