So if you know me, you know that i have been taking courses and certifications as fast as i can handle/afford. Well a while back i took the PWBv3 course from After alot of pain/studying/hacking/googling and torture from Muts and Subinacls, I finished the course, and took and passed the Exam. Script Alert("Applause"); /script
Well i have finally recieved my Certification in the mail...and if you want to see what it looks like, then there will be a link at the end of the post...So i thought i should give a quick rambling of my thoughts on the course. First, coming into the course your told that you can gain help by talking to folks and fellow students on the IRC channel #offsec. This is true and false... If you have a question about how to gain a shell via XSS or which metasploit exploit to use on a particular box..then my friend you just asked in the wrong channel. You will certainly get either "google it", "try harder", or no reply at all. This can be frustrating, but if you ask for an admin, and are having issues with the course material, or cant connect to a box, etc etc. Then Bolexx, Subinacls, sickn3ss or another admin will have your issues sorted within minutes. I honestly never had to wait more than a minute or two before i was answered and back to hacking.
Also, there is a forum that is private and only open to students, where there is a ton of info, external links, downloads, videos, guides, wiki links, and general student conversation...theres even an entire topic on music suggestions.
Along with the forum/IRC channel, there are the course videos/PDF that i think is over 8 hours of video and 400 pages of offensive-security ninja-fu.
The thing that i loved about this course is simple. I didnt have to setup a pentesting lab at my house, or just learn from the theory explained in the PDFs. Offensive-security provided me with an entire network to attack. Actually a network and three sub-networks. So as i learned new things and new attacks, i had a massive amount of systems to attack. Everything from windows 2k server to win7. I have heard rumor that there are some Macs hidden about, i unfortunately cant confirm this.
The course is extremely well covered. Basically Muts takes you from boot to root. Starting from just booting up backtrack to setting up services locally, to finally taking down services remotely. I would recommend this course to everyone who wants learn a bit about security and alot about yourself. As you will find out how deep down the rabbit hole you will go.
Also, another difference between this course and say CEH. The final exam isnt a 400 question written test. Its a 24 hour, active attack pentest on a network that is totally new to you. Basically, your given 24 hours to exploit a network, and record details of your findings. Just like a real pentest... the documentation is very important. After the 24 hours, you have another 24 hours to organize your data and send in the finding for review/grading. It is said that you Offsec can take up to three days to give your results, but i knew within 14 hours. In fact, i never had to wait long at all for a response from the folks at offsec.
Final thoughts: Anyone interested in being a Pentester, security-researcher, or just want to learn how your facebook or bank account gets hacked, and how to prevent it, should check this course out. Its intense, its pricey, but 100 percent worth it. I would take it again and again. In fact, i have already taken the Wifu course offered by Offensive-security. I will be giving a review of that also, as soon as i get around to it. As promised, here is the link of the certification if you want to see it.
Now go get it for yourself if you want to see it. ^^^ That is all you need to get started.
If you want to test your skills against the offsec team for free, then check this out.
Try your hand at that. and as always, goodnight and goodluck
-g11tch-
No comments:
Post a Comment