The OSCP Exam is Changing!

Поділитися
Вставка
  • Опубліковано 23 гру 2024

КОМЕНТАРІ •

  • @iSgapetti
    @iSgapetti 3 місяці тому +1

    Hopefully the + version doesn’t become too mainstream (for HR specifically). Having to sit through this 48 hr exam every 3 years will not be feasible for a lot of people just to have the + version.

    • @hexdump1337
      @hexdump1337  3 місяці тому

      Yeah noway, it is way too big of an investment.
      I think it only makes sense in specific scenarios where the company needs you to have this cert for compliance and they are willing to pay you to renew the cert everytime.
      And I have no clue how common these cases are.

  • @tigerx2069
    @tigerx2069 13 днів тому

    Ciao hex, fra poco vorrei acquistare il ticket per l esame oscp+, dopo mesi di preparazione, solo che ho paura di buttare 1600€, sapresti per caso indicarmi macchine di hackthebox simil oscp da provare prima? Grazie mille in anticipo

    • @hexdump1337
      @hexdump1337  12 днів тому

      Una lista famosa è quella di TJ Null, disponibile qui: docs.google.com/spreadsheets/u/1/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/htmlview?pli=1#
      Detto questo, considera che quando compri il corso hai anche accesso ai challenge labs (sono sei, 3 di simulazione esame e 3 generali), e quelli sono molto utili per capire il proprio livello di preparazione.
      Concentrarsi troppo su HTB paradossalmente aiuta poco, perché in HTB le macchine sono tendenzialmente più difficili. Quindi poi provi a fare cose troppo complesse e ti confondi

  • @jardani-jovonovich
    @jardani-jovonovich 3 місяці тому +2

    What is the difference between the local.txt and proof.txt? Is local.txt gain the limited shell without root acces? and proof.txt is able to escalate the privilege to got the root access, Is it correct sir?

    • @hexdump1337
      @hexdump1337  3 місяці тому

      Yes, these are files present within the filesystem of the machine. The first one, local.txt, is a file that you can access with low-privileged users (say, alice), while the second one, root.txt, is only accessed with a user with administrative privileges. In linux this is the root account, in windows is the administrator, and in AD windows is the domain admin account.

  • @lebs
    @lebs 3 місяці тому +1

    Hi! If one has gained 10 bonus points already, do you recommend to schedule the exam before or after 1. Nov?

    • @hexdump1337
      @hexdump1337  3 місяці тому +1

      This is a tough call to make honestly.
      The question is: will they also make AD a bit harder, or will they keep the same difficulty for AD levels? Because if they keep the same difficulty, then it should be simpler with the new format, since they are effectively removing one step and giving u gradual points for compromise. Consider this: how confident do you feel in AD? because even if you don't feel like 100% confident, if you know a bit of it, you will most likely be able to obtain the first machine, and eventually the second, and that will be like bonus points plus another 10 points.
      At the same time, if you really feel like you can tackle OSCP now, you should not scare yourself and just go for it. Playing too many "mind games" when it comes to the exam can be dangeorus. Just prepare, study well, do a lot of practice, and you will be able to face anything that is thrown at you (also follow my guides if you want eheh)

  • @Zachsnotboard
    @Zachsnotboard 3 місяці тому +1

    I’m surprised they didn’t add cloud stuff like azure and m365 defender

    • @hexdump1337
      @hexdump1337  3 місяці тому

      Yeah feel like oscp is kinda falling behind with respect to the content iself. I mean the stuff they cover is ok, like foundational knowledge in many different contexts (web, linux, windows, AD), however I feel like as of rn it is simply not enough what they cover to actually be professional in the field.

    • @maxfrischdev
      @maxfrischdev 2 місяці тому

      At least OSCP is still WORLD'S (!!) apart from/ better than CeH...
      In the context of both having the name recognition.
      Regarding OSCP "getting old". It's at least still very much useful.
      Tho grossly overpriced 🙈