Hi there, My name is Ben and I have worked as a Systems Engineer consistently for 10+ years.
It's always been my interest and intention of moving into Cyber Security, It was around 2016 I reached out to my connections on LinkedIn and asked the basic question.. What do I need to get into this Cyber? I recieved a flurry of responses, majority of which were: "Get your OSCP".
Since then I have worked in different areas of Cyber Security, Mostly within Active Directory, Azure and more across Privileged Identity Management and Governance.
In 2021, I started my journey to OSCP by becoming a member of Hack The Box, TryHackMe and HackerOne. I also began blogging on Medium when I wanted to confirm my understanding of the concepts I was working with. I love to teach and I understand that if I can't teach it, then I don't understand it enough.
For anyone intersted in my experience and areas of study prior to OSCP, I hold the following certifications: CCNA, MCSE, VCP-DCV-20, Sec+, Pentest+ & AZ-500 (Azure Security Engineer)
I have watched and read countless videos and articles on best preparation and even experiences and through my own experiences, I have identified the following areas that I believe I need to develop further in:
- Linux OS (I am a Windows guy but have been using Linux for 12m roughly now)
- Programming (I have a basic understanding of various programming languages that stem from studying Java at uni combined with my experiences in using Powershell)
- Privilege escalation in Linux and Windows.
For this I have recently enrolled into TCMs Practical Network Penetration Tester learning path. I'm unsure if I'll take the exam yet but this course covers alot of the areas I have identifed above and go into great depth, I would recommend this highly.
I have a combined study plan amongst HackTheBox, HackerOne, TryHackMe, PortSwigger
Below are the pages of the machines completed and also highlighted as 'like OSCP machines updated for '21'
| Updated Boxes for December 2021: |
|---|
| ScriptKiddie [Linux] |
| BreadCrumbs [Windows] |
| Armageddon [Linux] |
| Love [Windows] |
| Knife [Linux] |
| Pit [Linux] |
| Monitors [Linux] |
| Dynstr [Linux] |
| PivotAPI [Windows] |
| Seal [Linux] |
| Intelligence [Windows] |
| Pikaboo [Linux] |
| APT [Windows] |
| Monteverde [Windows] |
I will be attempting to complete as many of these boxes as possible, along with any others currently Active in Hack the box. You can follow my progress here hack-the-box
For experience in Web Applications, I completed 11/26 rooms in the Hackerone CTF program.
I often reference to gain a better understanding of XSS, SQLi and other forms of Web application vulnerabilities and exploits.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent