Last month, we resumed our journey through the treasure trove of skills and techniques that are required to gain the internationally recognised Offensive Security Certified Professional (OSCP) certification.
The OCSP training and exam typically covers the below topics:
- Kali Linux Intro (inc command line, common tools and bash scripting)
- Passive and active recon methods
- Finding and understanding vulnerabilities
- Web application attacks (inc OWASP Top 10)
- Buffer overflow attacks
- Client-side attacks
- Working with exploits
- Defence evasion
- Privilege escalation
- Password attacks (inc cracking and brute forcing)
- Port redirection and tunnelling
- Exploitation frameworks
In our November meeting we explored Reconnaisance in all its forms and looked at some typical vunerabilities that can be easily identified. Our cunning plan was to cover both the Passive forms of recon and the more Active forms. However, we were having so much fun and the group was so interactive that we didn't really have a chance to do as much as we wanted.
This month, we will pick up where we left off with active recon and continue into the next topic, which is finding and understanding vulnerabilities.
So, if you are thinking of using your CTF skills and knowledge to gain some industry qualifications, such as OSCP, then feel free to join in with the next Cyber Wales CTF Cluster session.
Link to the event - https://global.gotomeeting.com/join/361623893