“I know not how to aid you, save in the assurance of one of mature age, and much severe experience, that you cannot fail, if you resolutely determine, that you will not. “ ~Abraham Lincoln

“Effort only fully releases its reward after a person refuses to quit.” ~Napoleon Hill

“Ask and keep on asking and it will be given to you; seek and keep on seeking and you will find; knock and keep on knocking and the door will be opened to you” ~Jesus Christ

Why?

In the fall of 2018, I decided to teach myself the art of pen testing. No…I don’t mean sitting at a desk all day, testing BICs, Pentels and Sharpies LOL! I mean: “the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit.”1 I also elected to test my skills by undertaking the grueling 48hr OSCP exam offered by Offensive Security Inc2 That “48hr” was NOT a typo! A valid question: WHY? Well, to be honest, I needed a challenge after obtaining the coveted CISSP designation the summer before and I heard that the OSCP was hard…so I took it!

How?

I had read that it would be beneficial to get a basic grasp of a programming language and that Python was the best place to start as most exploits3 were written in Python. So, I took a Cybrary course, “python for Security Professionals” by Joe Perry4, followed by “Advanced Penetration Testing” by Georgia Weidman5. On completion of these invaluable courses, I started to look around for a course that would help me prepare for the OSCP. Now, there are a number of other excellent pen testing courses available from vendors such as Virtual Hacking Labs6 , Elearnsecurity7 and Pentester Academy (formerly SecurityTube)8, but I felt that if I wanted to be successful in the exam, I needed to get used to the OSCP way of doing things, so I took the plunge on November 18th 2018 and signed up for the OSCP course9. I joined a couple online forums, asked some preliminary questions and got started. Now, truth be told, I wanted to get fingers to keyboard asap, so I skipped through the course manual and didn’t do the exercises…I found it boring (I heard the February 2020 update is better) and TBH, I just wanted to get to hacking 😁 Well, let’s go see how that worked out for me! 😉

Learning Experience #1

I booked my first exam attempt for April 16th 2019 01:00! Please don’t ask me why…this was sooooooo NOT aligned with my sleep cycle. I got hopped-up on three cans of Red Bull (The last time I’d touched the stuff was Y2K night, 20 yrs ago!) and went for it. It DID NOT go well. I was wired, jumpy, agitated, scatter-brained and definitely NOT in optimal test-taking form! I got paid in kind for skipping the “boring” stuff. I needed 70 points to pass…I got 45. Lessons learned:

  1. Getting wired on three cans of Red Bull…❌don’t do that!

  2. Not paying heed to warning signs that your PC is overheating…until your 9yr-old CPU cooling component fails a half-hour before your exam, causing you to have to resurrect a standby machine…❌don’t do that!

  3. Not excluding your virtual machine folder from your antivirus software… ❌don’t do that!

Eish! It’s a wonder I made it to the end of the exam without resorting to banging my head against a wall! Anyways, 23hrs and 45mins later, I collapsed at the finish line, on the “learning end” of the first exam attempt. 45 wasn’t bad for a first attempt, but I was hungry for that “pass”. I waited out the cooling-off period, determined to give it another shot.

Learning Experience #2

I booked attempt No.2 for 5/21/2019 08:00. I earned a resounding ZERO points! I am not ashamed to say that I cried. How did I achieve such an excellent score? To coin a phrase, I “fell down a rabbit hole”. Something that seemed to be right, wasn’t. I then spent so much time trying to fix the issue that I was too mentally exhausted to concentrate on the remainder of the exam…❌don’t do that! When you’re working through a problem and you hit something that should work but isn’t working, go AFK10, take a break (rest, walk, eat , nap/sleep, play a game etc.) and return to the problem. Anyways, in sports lingo, we’re now Zero for Two.

Learning Experience #3

I booked attempt No.3 for 10/15/2019 12:00. You may have noticed by now that I’ve taken the exam at three different times in the day…❌don’t do that! Find the timeslot that works for you, particularly with regards to your sleep/wake cycle; mine turned out to be between 11AM and 2PM…but I digress. I took some of the lessons from the previous attempts and the thing I got wrong on the 2nd attempt, I got right third time around. However, I’d spent so much time (again) getting it right, I was burned out, scraped half-marks on another item and stumbled out of the ring with 35 points and …yah…Zero for Three.

I really thought I was going to pass this time so I was totally bummed out…OK…depressed. I told friends and family that I was done, that this obviously wasn’t for me and I quit…❌don’t do that! They wouldn’t have any of it! They encouraged me to rest…and go back again! ✔️ Do this! Now I had eight weeks to cool off but now I’m tapped-out financially. A thought dropped into my head, which I took to my wife and then acted upon it. I started a GofundMe campaign and reached out to family, friends and the hacker community to ask if they would consider contributing to cover the costs of my next exam attempt. By God’s grace, I raised enough to fund attempt No.4! Special shout-out to Marcus J Carey (author of Tribe of Hackers), “Darktheli” and my parents for their “above and beyond” support…and thanks to everyone who’s reading this who I forgot supported the campaign. Heck…here’s a nod to those naysayers who said, “Really, dude???”…even you helped! (nod)

Learning Experience #4

Roll on February 6th 2020 14:00 and attempt No.4. I really, really felt like I had it this time…and I did…almost! My wife sat with me for 12hrs of this attempt to ensure I stayed positive, stayed on task, took breaks and stayed hydrated…✔️do this! 24hrs later? 62.5 points, plus 5 bonus points for the lab and exercises (which I completed during the eight-week cooling-off period); 67.5 points in total. 2.5 points away from passing! Dang! 😞

I thought getting ZERO on the 2nd attempt was tough…I’d gotten low marks before on exams, but I’d NEVER EVER got ZERO! However, being 2.5 points short of the mark really sucked. To make matters worse, when I looked back over my exam notes and did some research, I found that I could have gotten the full 100 points, let alone a passing mark of 70! All I needed to do was to find the solution to one problem that I found a half hour AFTER the exam ended and the typo that I found 12 weeks later (when I wasn’t watching the clock and stressing)! Meh. 😞

Well, I’m now Zero for Four BUT I’m determined more than ever to pass! Recent changes in the retake policy doubled the next cool-off period to twelve weeks. I ended up “cooling off” (but definitely not “goofing off”) for twenty-one weeks. The wait was tough but once I stopped whining about it, I leaned into it and invested the time targeting my weaknesses (technically and mentally); preparing to stare down the dragon Kali again.

Learning Experience #5

During the run-up to round 5, I joined Virtual Hacking Labs6; a game-changer! I took out a 6 month subscription on February 25th 2020 and got busy! I also joined @Rowbot’s Discord server, where I currently help out as a co-Admin. I can’t say enough good things about the server. Great community of folks who are eager to shape the future of the game by stretching themselves in new directions, helping others along the way. Check it out! The preceding link was an invite 😁. With much determination, late nights, early mornings and nudges from my compadres when my brain was farting (you know who you are), I completed the VHL Advanced (Red) cert on April 17th. On May 14th, I booked my exam for September 2nd 2020 14:00. With the date set, I turned my attention back to VHL and by May 18th, I had completed the VHL Advanced+ (Blue) cert. Now to hunker down and get set for another stare down with the dragon Kali.

By the end of May, I was going stir crazy. I was so eager to face the Dragon Kali again that I brought the exam forward two months to July 2nd 2020 14:00! Now, instead of having 111 days until the showdown, I only had 49 days to wait! 😁 To be honest, that still felt too long, but it was the earliest slot available. I filled the time assimilating a new approach to a portion of the exam from which I was getting inconsistent results. Big shout out and 👊 to @ZeroDay who helped me to finally get it systematically and repeatedly right, once and for all!

Now, up until this point, I had typed up all my notes in CherryTree11 and also had a 4-inch binder, full of material from many sources. I started to experience stability and corruption issues with CherryTree (probably to do with the size of the file), so I transitioned to MS OneNote. I was had been using OneNote on a daily basis at work so there was no learning curve; it worked well for me. That being said, learning is an evolutionary journey and while listening to an audiobook, I had heard that there is something intangible, yet beneficial about writing stuff down instead of typing 12. I think it was to do with goal setting and actualization…I forget…but I did wonder if it would be helpful in my exam prep, especially with regards to retention and organized thinking. I thought, “What have I go to lose?” and began writing my exam notes by hand…again…and again…and again. Even if there was a single error, I ripped out the page and started again. By exam day, I had a succinct set of handwritten notes that were also tattooed deeply onto my brain!

On July 2nd 14:00, I stepped into the ring…again. I had my notes and I had a plan. The plan was to break the 24hrs into three sessions:

  1. 14:00 to 22:00 - tackle the “easiest” and the “hardest” machines (boxes) first; 50pts by 10PM.

  2. 22:00 to 06:00 - rest and sleep! Yes, you read that right!

  3. 06:00 to 13:45 - grab at least 20 points from the remaining boxes.

What actually happened…

  1. 14:00 to 03:00 - completed the “easiest” box and was half-way in on three others; 57.5 points.

  2. 03:00 to 06:00 - sleep!

  3. 06:00 to 12:45 - completed the three boxes from the night before and completed the 5th.

  4. 12:45 to 13:45 - reviewed 182 screenshots for my report, taking a few more where I saw gaps.

At 13:45, I staggered out, battered and bruised…with 85 points! PASSED! ✔️DO THIS! 👍

BIG Shout-outs to my wife, to @AllanChang, @Darktheli, @kaabigbosuvhl, @rowbot, @0xklaue (since day one bruh!), @Tib3rius (AutoRecon is the beast I ride into battle), @ZeroDay etc…etc…etc. 😁

Now, you can “squirrel” the links! 😁

  1. https://searchsecurity.techtarget.com/definition/penetration-testing ↩︎

  2. https://www.offensive-security.com/pwk-oscp/ ↩︎

  3. https://www.trendmicro.com/vinfo/us/security/definition/exploit ↩︎

  4. https://www.cybrary.it/course/python-security-professionals-archive/ ↩︎

  5. https://www.cybrary.it/course/advanced-penetration-testing/ ↩︎

  6. https://www.virtualhackinglabs.com/ ↩︎

  7. https://www.elearnsecurity.com/course/ ↩︎

  8. https://www.pentesteracademy.com/topics ↩︎

  9. https://www.offensive-security.com/pwk-oscp/ ↩︎

  10. https://www.urbandictionary.com/define.php?term=afk ↩︎

  11. https://www.giuspen.com/cherrytree/ ↩︎

  12. https://effectiviology.com/handwriting-vs-typing-how-to-take-notes/ ↩︎