- 36
- 17 970
Mike Gropp
Приєднався 25 жов 2013
Hacking away...
Pentesters, Learn WPScan!
#cybersecurity #pentesting #oscp
In this video, I share my experience with WPScan on a real-world engagement as well as how to effectively use WPScan
In this video, I share my experience with WPScan on a real-world engagement as well as how to effectively use WPScan
Переглядів: 562
Відео
How NOT to get Mad 😤 and Discouraged 😞 as a Pen Tester
Переглядів 2305 місяців тому
My personal thoughts on how I keep my head straight 😊 #cybersecurity #pentesting #oscp
OSCP: From FAIL to FULL points - My Top 20 Tips
Переглядів 16 тис.5 місяців тому
On February 4, 2024, I FAILED the OSCP with a score of 60. On March 20, 2024, I PASSED! I not only passed, I fully compromised every machine. In this video, I share my top 20 tips that helped me go from FAIL to FULL points. These are tips I slowly gathered over 6 months of studying for the OSCP, including the time between my first and second attempt #cybersecurity #oscp #pentesting
Cybersecurity awareness never ends! (Cyber Security Tip)
Переглядів 1110 місяців тому
Cybersecurity awareness never ends! (Cyber Security Tip)
Check your credit report regularly (Cyber Security Tip)
Переглядів 410 місяців тому
Check your credit report regularly (Cyber Security Tip)
Easily check if you have been compromised (Cyber Security Tip)
Переглядів 1110 місяців тому
www.haveibeenpwned.com
Use your own device (Cyber Security Tip)
Переглядів 1410 місяців тому
Use your own device (Cyber Security Tip)
Don't use unofficial software (Cyber Security Tip)
Переглядів 610 місяців тому
Don't use unofficial software (Cyber Security Tip)
Does that device need internet connectivity? (Cyber Security Tip)
Переглядів 310 місяців тому
Does that device need internet connectivity? (Cyber Security Tip)
Check & Use Social Media Privacy Options (Cyber Security Tip)
Переглядів 510 місяців тому
Check & Use Social Media Privacy Options (Cyber Security Tip)
Cover Your Webcam (Cyber Security Tip)
Переглядів 410 місяців тому
Cover Your Webcam (Cyber Security Tip)
Targeted vs Non-targeted Cyber Attacks (Cyber Secutity Tip)
Переглядів 13211 місяців тому
Targeted vs Non-targeted Cyber Attacks (Cyber Secutity Tip)
Don't use unknown cords, USB outlets, or devices (Cyber Security Tip)
Переглядів 511 місяців тому
Don't use unknown cords, USB outlets, or devices (Cyber Security Tip)
Don't Believe "It Can't Happen to Me" (Cyber Security Tip)
Переглядів 211 місяців тому
Don't Believe "It Can't Happen to Me" (Cyber Security Tip)
Listen to your gut, but don't trust it (Cyber Security Tip)
Переглядів 311 місяців тому
Listen to your gut, but don't trust it (Cyber Security Tip)
Use a firewall and antivirus (Cyber Security Tip)
Переглядів 211 місяців тому
Use a firewall and antivirus (Cyber Security Tip)
Use a throw-away e-mail account (Cyber Security Tip)
Переглядів 511 місяців тому
Use a throw-away e-mail account (Cyber Security Tip)
Use a VPN when using public Wi-Fi (Cyber Security Tip)
Переглядів 611 місяців тому
Use a VPN when using public Wi-Fi (Cyber Security Tip)
Avoid public Wi-Fi (Cyber Security Tip)
Переглядів 311 місяців тому
Avoid public Wi-Fi (Cyber Security Tip)
Backup your data (Cyber Security Tip)
Переглядів 311 місяців тому
Backup your data (Cyber Security Tip)
Your Security Can Always Be Better (Cyber Security Tip)
Переглядів 411 місяців тому
Your Security Can Always Be Better (Cyber Security Tip)
Stay up-to-date. Patch patch patch! (Cyber Security Tip)
Переглядів 511 місяців тому
Stay up-to-date. Patch patch patch! (Cyber Security Tip)
Don't share Personal Identifying Information on social media (Cyber Security Tip)
Переглядів 411 місяців тому
Don't share Personal Identifying Information on social media (Cyber Security Tip)
Use official communication channels only (Cyber Security Tip)
Переглядів 211 місяців тому
Use official communication channels only (Cyber Security Tip)
Never give out your 2FA codes (Cyber Security Tip)
Переглядів 811 місяців тому
Never give out your 2FA codes (Cyber Security Tip)
🛑STOP🛑 Using Your Cell Phone # for 2FA (Cyber Security Tip)
Переглядів 4111 місяців тому
🛑STOP🛑 Using Your Cell Phone # for 2FA (Cyber Security Tip)
Use Two-Factor Authentication (Cyber Security Tip)
Переглядів 611 місяців тому
Use Two-Factor Authentication (Cyber Security Tip)
Do NOT use a 'LAZY' Password (Cyber Security Tip)
Переглядів 3011 місяців тому
Do NOT use a 'LAZY' Password (Cyber Security Tip)
- "I want to learn these skills so I can be an outstanding pentester" - Best tip EVER!. Thanks Bro
Thank you so much
Always Thx Mike! Its video has a super positive energy! when i start to practice about OSCP study contents, I often watch this video. Maybe I almost watched this video more than 5 times!!
I'm so glad to hear that! Let me know when you pass so I can wish you congrats!
Nice information ❤
Dude once I have a daughter or a son I'll call them Enumerate. So I never forget do Enumerate over and over again. Enumerate ! did you do your home work? Enumerate ! I said no already. Enumerate! I told your mon you were grounded 😂
😂😂😂 If it's a boy a Scottish first name 'Euan' and middle name 'Nate?' It's not 'enumerate', but it sounds close enough, it may remind you 😉
@@mikegropp kkkkkkkkkkk cool idea hehe
Bang on
Thank you!
Guys, if anyone is currently practsing OSCP labs, pls connect let's learn together
....or do you have like notes you follow with step by step "if this doesnt work try this" that you could and wouldnt mind sharing now that ur done with the OSCP
I wish some of this advice was more practical rather than mindset related, like can you record urself beating a OSCP-level machine, seeing your whole methodology and process in realtime would help a billion
congrtz buddy, I just purchased the exam and preparation goin on. This video really felt useful and motivating me af
You got this!
Thanks for the guidance. Appreciate the candid feedback.
You've earned a sub sir. I have a request: please make a video about note-taking during practice and exams, and how to write an exam report. It would be helpful if you use a machine to demonstrate. Thank you.
Hey mike, I am preparing for OSCP. I have a doubt regarding 10 bonus points; It says "To receive ten (10) bonus points, you must submit at least 80% of the correct solutions for every lab in the PEN-200 course and submit 30 correct proof.txt hashes from challenge labs". But for the 30 correct proof.txt hashes which challenge labs we have to use ? PG Practice, PG Play or anyone ?
The 30 correct proof.txt hashes are from the Challenge Labs only. OSCP A, B, C, Medtech, etc.
@@mikegropp Got it. Thanks a lot.
Your video is a great motivation for me. Thank you so much for creating such motivating and informative
Thank you!
Thank you very much for sharing this valuable Information, I have my OSCP exam on 12th july , I hope i will exploit all the machine. This video was very helpful 🙂 for me.Thanks for sharing your experience and mistakes. It's true we learn from our mistakes and others experience may be give us some more good ideas to tackle the problem in different ways. Overall I will come back in the video after passing my OSCP, wish me best of luck 🤞.
Good luck! Let me know how you do!
Finally it happened, I successfully passed the OSCP exam on the first attempt. Thank you for your amazing video, it's really helped me in hard times. ❤️
@@Cybernixlabs Congrats!! Well done! 🎉🎉🎉🎉
Hey Mike! I was looking for last minute tips to practice for next 15-20 days and then I found your video which is absolute gem!! Thank you so much for this well described video, this will be really helpful for my exam which I have booked for 13th July and I'll practice as you advised for the remaining days. Also congratulations to you, you have done a great job! I want to ask a small doubt regarding report, did you prepare your own report format or have used the one provided by offsec?
Thank you! To keep it simple I used the Offsec format as the format for my report. Best of luck on your exam in a few weeks! Let me know how you do!
@@mikegropp Cool! I’m also thinking to use their given report template. I’ll definitely let you know the result.
Video is honest, sincere and (in my opinion) one of the most helpful UA-cam content on the topic of [mindset & attitude calibration] + [tips on physical preparation] for the OSCP exam. Thank you Mike for the creation of this amazing video!!🎉
Wow, thank you!!!
Thanks for your video can you tell how to start preparation?
The PEN-200 course is a great place to start.
Man, The way you explain things is so awesome. Thank you for this amazing video. ❤ I am preparing for the OSCP , one question is in my mind is that what platform u used to make notes? I have passed the CEH Master and for that I took my notes on Github.
Thank you! I use Obsidian. Good luck!
@@mikegropp Thank you Mike
Do you think it might be a good idea to go for the OSCP as my first cert? Is it a good goal, or would it be better to get some entry level cert first?
Depends on your background. If you have no IT or cybersecurity background, but are dead-set on becoming a pen tester, the PEN-100 course is a good start. I think you get access to it along with PEN-200.
Do you think learning material from CCNA is necessary? Or how much networking is actually good to know?
It depends on your background. I am mostly self-taught. I have not taken any official courses or acquired any official certs related to networking but I have done a lot of self-study.
those tips are a treasure i can see experience in between them and not only specific for OCSP it for pentest , Buy bounty if use those tips 100% you find something , thank you so much
Thank you, Yassine!
This is one of the Best OSCP Tips videos I have seen. Thanks!
Thank you! I'd be honored if you shared it with your network 🛜
24 min kinda long for WPScan
any tips on finding those discord channels?
The official Offsec discord channel is a good place to start.
Loved the video! I was in the same boat, I failed with 60 points. I got the 10 bonus points. I completed the AD set and got a shell on 1 stand alone. BUT!!! because I sucked at priv esc I spent way too long on trying to move forward before trying something else. I started on another machine and after hours of trying other things I found the path forward...so to speak. I found how it was vulnerable but the method I was using to exploit it were wrong...but close. After failing I've been doing almost nothing but priv esc and trying to get better at different web app attacks. I re-organized my notes BECAUSE the way to exploit the machine was actually buried in my 1GB note file. I felt kinda dumb for not even looking but I'm fixing it now and I feel pretty confident about my next attempt, especially after watching this. This helps!
Thanks for sharing! Good luck on your next attempt!
Which level did you solve in pg labs? intermadiate, easy etc?
I did a mix of easy, intermediate, and hard. Google "TJ Null list" for a list of most of the labs I did.
But honestly did you sell a kidney to get a exam like that twice? I mean the reason i don't take it is because of the insane price.
It's all perspective on what you will do with what you learn. I made more on my first pentest after the OSCP than I spent on the OSCP, so it's already worth it for me.
Love the videos I’m always looking to learn. Have been using Wpscan a lot in ctf’s lately
Thanks! Yes, WP is pretty common in the wild and on CTFs.
Very cool thanks.
Cheers!
Thank you. How long did you spend time for studying on tutorials? Or focus on labs?
I spent about 3 months to study all the materials and get ~37 flags from the challenge labs for my first attempt. After my first attempt, I did ~25 PG Practice labs as well as the Tiberius Windows + Linux Privesc micro courses.
Can you let me know how's tcm Security Courses are?? compared to other certifications.
I haven't taken a TCM course yet so I can't comment.
@@mikegropp I see. Thank you for carving out some time for replying me back
Excellent video bro 👌
Thank you!
Loved it!
Thank you!
Thank you
Thank you, starting the OSCP 90 day course at the end of the month
Good luck!
Me too. Study buddy?
I work in support IT but this was fascinating! Nice video Mike!
Cool, thanks!
Great video
Thanks!
Waiting for that new series !!!
really great tips. many of these are good tips for hacking in general or other cert exams like CRTP
Thank you! Definitely!
Thank you, I’m working on becoming a pen tester hope to be on your level in the future.
THANK YOU
Glad you liked it!
My exam's in a few days. Thank you for these tips
Good luck!
Please make a video on how did you practice before the exam!! All the labs that you did
best video for OSCP tips. thank you
Thank you, Mostafa!
Congratulations !! I will be giving exam in two months what about Active Directory is it easy or difficult ??
Not easy, but very doable if you prepare well.
@@mikegroppthanks I will prepare very well !!!❤
AHAHAHHAHAHAH BERLIN
Great video. I'm preparing for OSCP at present.
Thank you! Good luck on the OSCP!
congratulations! Im taking mine this coming friday... and I'm feeling unprepared. =/
You got this!
What is the result now?
@@alihussainzada3392 I failed🤣