Hi there, My name is Ben and I have worked as a Systems Engineer consistently for 10+ years.
It's always been my interest and intention of moving into Cyber Security, It was around 2016 I reached out to my connections on LinkedIn and asked the basic question.. What do I need to get into this Cyber? I recieved a flurry of responses, majority of which were: "Get your OSCP".
Since then I have worked in different areas of Cyber Security, Mostly within Active Directory, Azure and more across Privileged Identity Management and Governance.
In 2021, I started my journey to OSCP by becoming a member of Hack The Box, TryHackMe and HackerOne. I also began blogging on Medium when I wanted to confirm my understanding of the concepts I was working with. I love to teach and I understand that if I can't teach it, then I don't understand it enough.
For anyone intersted in my experience and areas of study prior to OSCP, I hold the following certifications: CCNA, MCSE, VCP-DCV-20, Sec+, Pentest+ & AZ-500 (Azure Security Engineer)
I have watched and read countless videos and articles on best preparation and even experiences and through my own experiences, I have identified the following areas that I believe I need to develop further in:
- Linux OS (I am a Windows guy but have been using Linux for 12m roughly now)
- Programming (I have a basic understanding of various programming languages that stem from studying Java at uni combined with my experiences in using Powershell)
- Privilege escalation in Linux and Windows.
For this I have recently enrolled into TCMs Practical Network Penetration Tester learning path. I'm unsure if I'll take the exam yet but this course covers alot of the areas I have identifed above and go into great depth, I would recommend this highly.
I have a combined study plan amongst HackTheBox, HackerOne, TryHackMe, PortSwigger
Below are the pages of the machines completed and also highlighted as 'like OSCP machines updated for '21'
Updated Boxes for December 2021: |
---|
ScriptKiddie [Linux] |
BreadCrumbs [Windows] |
Armageddon [Linux] |
Love [Windows] |
Knife [Linux] |
Pit [Linux] |
Monitors [Linux] |
Dynstr [Linux] |
PivotAPI [Windows] |
Seal [Linux] |
Intelligence [Windows] |
Pikaboo [Linux] |
APT [Windows] |
Monteverde [Windows] |
I will be attempting to complete as many of these boxes as possible, along with any others currently Active in Hack the box. You can follow my progress here hack-the-box
For experience in Web Applications, I completed 11/26 rooms in the Hackerone CTF program.
I often reference to gain a better understanding of XSS, SQLi and other forms of Web application vulnerabilities and exploits.