My Journey On Achieving The OSCP Certification

Image for post
Image for post
Jerry

Introduction

Welcome to my third article. Today we will be looking at Jerry from HackTheBox. This is a realistic and very easy box. The article will again be similar to my first and second article, because I will provide some more information on the Box and why it is vulnerable. However, the following articles will not give as much information on the different tools that I will be using. You can look this up in my first article of the series. You can find cheat sheets and helpful information on the tools that Kali has to offer. …


My Journey On Achieving The OSCP Certification

Image for post
Image for post
Bastion

Introduction

Welcome to my second article here on Medium. Today we will be looking at Bastion from HackTheBox. This is a rather realistic box in my opinion and it made a lot of fun. This article will be similar to my first article, because I will provide some more information on the Box and why it is vulnerable. However, the following articles will not give as much information on the different tools that I will be using. You can look this up in my first article of the series. You can find cheat sheets and helpful information on the tools that Kali has to offer. This will save some time. …


My Journey On Achieving The OSCP Certification

Image for post
Image for post
Popcorn

Introduction

Some of you must be thinking, not another HTB writeup. But that’s not the case here. Let me elaborate:

My goal is to document my journey on achieving the OSCP Certification. This Medium blog is not the place where you can find a quick writeup for a box. That’s why I don’t want to call this blog series a “writeup”. It’s more of a pentest. You see, as a penetration tester, my regular assessments are different from hacking boxes. The focus does not lie on cracking e.g. a server in the shortest amount of time, using metasploit. It’s much more thorough. Every little abnormality and finding is being noted. Don’t get me wrong, this blog will show you how to exploit the target to get the user.txt and root.txt but it will offer much more information about the target, what vulnerabilities led to root and how to fix these vulnerabilities. A very important part of penetrationtest reports are the recommendations for the client. …

About

Marvin Gerlach

IT Security Consultant at EXXETA AG

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store