When you’ve been hearing everywhere that OSCP is ‘so hard’, even by experienced people that do crazy things, and then John “oscp is just the tip of the iceberg... 😐
IMO it becomes less hard. I haven't taken OSCP or OSEP, but I hacked at least one box of every level on hackthebox before the writeups (easy: enough boxes, medium: enough boxes, hard: Zetta, Insane: PlayerTwo) and what I've noticed are two things: 1) It's still crazy hard, but since you're already used to that, it's fine. 2) Sometimes it's not much more difficult, but it just involves an entirely different skill. If you've never done that skill, it feels insanely difficult. For example, with PlayerTwo the final challenge is doing a heap overflow. All you get is the binary, so you also need to know x86-64. If you've never read C and never did x86-64, then the task feels insurmountable. I was simply rusty on C and ok on x86-64. So I knew I could do it and that it'd take me a long time as understanding C (and reading malloc.c) was the predominant skill. Understanding SQLi is completely different to understanding how to do a heap overflow. You could argue it's harder, but a part of it is simply because you've never done it before. For example, the hardest thing I've ever done was to learn x86-64 assembly and C in a course, since those 2 things were seen as prerequisites and I never have seen either of them (I knew Java, lol).
I mean we all knew it that it''s pentester beginner level right? But that what's amazing we'll never get a shortage of challenges :D (I'm on my 2nd Try OSCP) I can't wait to get through all these challenges
@@sharghaas7774 yeah well, I only recently realized that oscp is considered beginner level. I've been studying so hard, dreaming of proudly getting oscp certification, just to find that it is nothing anyway. Probably not even a problem for me, as hard as I try, I always feel like I'm just beginning. I wonder when, and if, I will find myself comfortable in this field. Sometimes I fear like I have made the wrong choice, as I will never be good enough. It is a bit depressing.
@@ShinigamiAnger you're not alone , lol , that's all I can tell you , I'm definitely way behind you , and just maybe .... Older , so you can only imagine how that looks like to me , not to compare it to music production but i remember when I used to launch all that software and see all those knobs and frequencies and dig into audio engineering tutorials and classes how it all looked to me , now ? I do that to get my mind of things , litrally how i know the back of my hand , so to me , i just keep reminding myself how much i would've missed if i quit , and how much I'd regret it , same for Muay Thai to me as well , first leg kick from a pro guy and start Wondering why am I even doing that to myself , hahaha that was harder not to quit , but i didn't , everything has a learning curve , just hang on in there , you'll know when it's too much or not your field , just make sure you're not mixing that with the frustration of the slow progress at the beginning , everything seems to get bigger as you dig in , it only means you're actually learning a lot. Good luck Hope i didn't bore you with the long comment haha it's just that your comment hit home. Had to say something
Obsidian looks very similar to Joplin which is what I've been using. I think Obsidian has a better looking interface. Congrats on getting the OSCE, and thanks for coming to speak at my college a week before your exam.
I used to use Joplin and started looking at Obsidian as a result of this post. I kind of feel like Obsidian is a bit better so far that I've had a chance to try it.
As someone who's currently studying the basics (networks, programming and such) to get in to this line of work, this channel is great. Not only do you get awesome videos like this, you also get videos with pentesting on online resources. The school I'm in prepares for the students to be able to take the CEH cert, which isn't great - but at least it allows you to see pentesting on the horizon and can be a stepping stone into getting real actual certs. Looking forward to the day where I have studied, practiced and studied some more to have OSEP and other certs.
John you have been an inspiration for people getting started! You've been educational and entertaining. Loving the new intro and outro, really been stepping up the game! Keep up the amazing content!
Spoiler alert: John Hammond is just being John Hammond, don't expect anything less. This dude is basically a genius Edit: Oh huge congrats again on the results!
I'm glad I cam across this video. Have not taken any of the offsec certifications but currently taking the ine certifications. I learned alot by just watching your video. Gotta start taking notes using obsidian.
First off, congratulations! Secondly, thanks for this. I was on my way back to OffSec for certs, and this is exactly what I was looking for in terms of what this new cert involved. I'm sold.
Thank you John. I applied recently to OSEP course and I wanted to listen from who already experienced this path. First off, congratulations for how fast you passed this huge challenge. Then I would like to say that I love the passion that transpires from your words and your eyes when you talk about pentesting and hacking. It just makes me want to get up from my bed again and keep studying after a long day passed over the course. And also you well said: the coolest thing that comes out from these experiences are that everything is tangible, security is done effectively, and not spoken in a seminary (thing that I hate). This is in my opinion the biggest value of being a pentester. Thanks again for your valuable contents, my best wishes from Italy 🇮🇹
Big Congratulations to you John ! You walk the talk.. There are not too many people who are knowledgeable, Hands-on, accredited and also Share the knowledge ! InspiringCyberLeader !
Thanks for the insight! I've felt like the OSCP is great for getting your feet wet with pentesting tools and techniques, but isn't a substitute for real-world experience. It's nice to know there's a more advanced course that accounts for the type of security and configurations found in enterprise environments.
I seriously can't tell how much i have learned from this guy. He is extremely talented and more importantly a good person we all got to know. Thank you john and congratulations for the result
That outro volume blew my ears off haha. Amazing video John, I love your passion for security it's encouraging and inspirational. Great job on the review and passing the OSEP. I'm taking the OSCP in May and have been studying too (notes, notes, and more notes). Your suggestions tools/techniques are helping a lot.
Great video! I love how representative this course is for a wide range of different cyber-security roles (started to apply what I've learnt during OSEP in my day-to-day job straightaway). Thanks for the great content and pieces of advice! Will definitely put them in practice soon for my own exam.
Really great video. I learn something every single time I watched your video. You doing a lot for the community. I really appreciate and admire your work. Thank you
This was great! - can you do a video with you doing a quick CTF and how you were taking notes, how you documented what you did etc... I'm curious to see the flow... thank you!
Great review, thanks. If you ever do a follow-up or something with more questions here is one: it is commonly said that the right strategy for OSCP is to go in once you already have some good knowledge in order not to waste the timelab on learning theory (knowing how to exploit basic BoF for instance, or the basics or privesc in linux and windows). As OSEP is also based on lab time that costs money, what are the technical fields to already be comfortable with, in order to not spend 1month just getting to grips with theory rather than live practice ?
John You the best mentor for penetration tester but with the request could you make a series of training "Python for Hacker" because your explanation is awesome.
First of all congrats!!! what a great review! Now OSEP vs ecptxv2? I'm starting the ecptxv2 course, from what I can see many things overlap. OSEP seems to have more Linux.
@John Hammond. I had some questions regarding the Offensive Security Certs. First are you open to answering a couple questions? If so where do I direct them? Thank you as always sir.
A quick question as a beginner while taking certification exams(specially during the exam) what are you allowed and not allowed to do. Is there any video about it?🤔🤔
Sir I have an problem regarding my pc in which any c compiler program is not working can u help me with it even my html file is not responding please help me
Ahh, the old “I hardly used any of my lab time” spiel. Ive known several people who while prepping for these exams spent countless hours in the labs/range, complained about how tough it was, said it was next level but magically once they passed the exam their story changed to “it wasnt that hard,” “i only spent about 3 weeks studying,” “the course is entry level stuff.” Classic hindsight memory distortions or ego stroking. Not sure which but it’s annoying af. Otherwise good video.
Nice video!! I want to start OSCP course but I don't have a lot of money to begin on the official site. Is-it possible to stat with free ressource and just take abonnement for 3 months and passe? I have basic notion on security and i have attempt the UDACITY Nano degree - Security Enginneer. Thanks
Hii sir...after oscp which certficstiin should be next? OSEP OR OSWE....i know one is for source code and other one is on network based exploitation..so wts learning path? Where sould i go first ?...OSEP OR OSWE
John one question if you don't mind ☝🏻 Is there any benefits in you getting more certifications at this point or are you only looking at it from a challenge perspective?
Thank you for this video. I watched it all. Today marks day one on my journey to the OSEP, I love this hands on learning and getting better everyday
Just wanted to leave a big Thank You here John. Amazing guy with amazing content!
When you’ve been hearing everywhere that OSCP is ‘so hard’, even by experienced people that do crazy things, and then John “oscp is just the tip of the iceberg... 😐
IMO it becomes less hard. I haven't taken OSCP or OSEP, but I hacked at least one box of every level on hackthebox before the writeups (easy: enough boxes, medium: enough boxes, hard: Zetta, Insane: PlayerTwo) and what I've noticed are two things:
1) It's still crazy hard, but since you're already used to that, it's fine.
2) Sometimes it's not much more difficult, but it just involves an entirely different skill. If you've never done that skill, it feels insanely difficult. For example, with PlayerTwo the final challenge is doing a heap overflow. All you get is the binary, so you also need to know x86-64. If you've never read C and never did x86-64, then the task feels insurmountable. I was simply rusty on C and ok on x86-64. So I knew I could do it and that it'd take me a long time as understanding C (and reading malloc.c) was the predominant skill. Understanding SQLi is completely different to understanding how to do a heap overflow. You could argue it's harder, but a part of it is simply because you've never done it before.
For example, the hardest thing I've ever done was to learn x86-64 assembly and C in a course, since those 2 things were seen as prerequisites and I never have seen either of them (I knew Java, lol).
I mean we all knew it that it''s pentester beginner level right? But that what's amazing we'll never get a shortage of challenges :D (I'm on my 2nd Try OSCP)
I can't wait to get through all these challenges
@@sharghaas7774 yeah well, I only recently realized that oscp is considered beginner level. I've been studying so hard, dreaming of proudly getting oscp certification, just to find that it is nothing anyway.
Probably not even a problem for me, as hard as I try, I always feel like I'm just beginning. I wonder when, and if, I will find myself comfortable in this field. Sometimes I fear like I have made the wrong choice, as I will never be good enough. It is a bit depressing.
@@ShinigamiAnger you're not alone , lol , that's all I can tell you , I'm definitely way behind you , and just maybe .... Older , so you can only imagine how that looks like to me , not to compare it to music production but i remember when I used to launch all that software and see all those knobs and frequencies and dig into audio engineering tutorials and classes how it all looked to me , now ?
I do that to get my mind of things , litrally how i know the back of my hand , so to me , i just keep reminding myself how much i would've missed if i quit , and how much I'd regret it , same for Muay Thai to me as well , first leg kick from a pro guy and start Wondering why am I even doing that to myself , hahaha that was harder not to quit , but i didn't , everything has a learning curve , just hang on in there , you'll know when it's too much or not your field , just make sure you're not mixing that with the frustration of the slow progress at the beginning , everything seems to get bigger as you dig in , it only means you're actually learning a lot. Good luck
Hope i didn't bore you with the long comment haha it's just that your comment hit home. Had to say something
@@analactica not bored at all, very appreciated, sincerely. I wish you all the best.
Obsidian looks very similar to Joplin which is what I've been using. I think Obsidian has a better looking interface. Congrats on getting the OSCE, and thanks for coming to speak at my college a week before your exam.
I used to use Joplin and started looking at Obsidian as a result of this post. I kind of feel like Obsidian is a bit better so far that I've had a chance to try it.
As someone who's currently studying the basics (networks, programming and such) to get in to this line of work, this channel is great. Not only do you get awesome videos like this, you also get videos with pentesting on online resources. The school I'm in prepares for the students to be able to take the CEH cert, which isn't great - but at least it allows you to see pentesting on the horizon and can be a stepping stone into getting real actual certs. Looking forward to the day where I have studied, practiced and studied some more to have OSEP and other certs.
How's it going so far?
John you have been an inspiration for people getting started! You've been educational and entertaining. Loving the new intro and outro, really been stepping up the game! Keep up the amazing content!
John bro, the world is a better place with you doing all of this free help to the ones in need. Keep inspiring man, much appreciate everything!
Sir, you're just not a content creator, you're a great teacher, a true inspiration. Thank you! I have a little bit more courage for taking OSCP.
Spoiler alert: John Hammond is just being John Hammond, don't expect anything less. This dude is basically a genius
Edit: Oh huge congrats again on the results!
I'm glad I cam across this video. Have not taken any of the offsec certifications but currently taking the ine certifications. I learned alot by just watching your video. Gotta start taking notes using obsidian.
First off, congratulations! Secondly, thanks for this. I was on my way back to OffSec for certs, and this is exactly what I was looking for in terms of what this new cert involved. I'm sold.
Thank you John. I applied recently to OSEP course and I wanted to listen from who already experienced this path. First off, congratulations for how fast you passed this huge challenge. Then I would like to say that I love the passion that transpires from your words and your eyes when you talk about pentesting and hacking. It just makes me want to get up from my bed again and keep studying after a long day passed over the course. And also you well said: the coolest thing that comes out from these experiences are that everything is tangible, security is done effectively, and not spoken in a seminary (thing that I hate). This is in my opinion the biggest value of being a pentester.
Thanks again for your valuable contents, my best wishes from Italy 🇮🇹
Big Congratulations to you John ! You walk the talk.. There are not too many people who are knowledgeable, Hands-on, accredited and also Share the knowledge ! InspiringCyberLeader !
Thanks for the insight! I've felt like the OSCP is great for getting your feet wet with pentesting tools and techniques, but isn't a substitute for real-world experience. It's nice to know there's a more advanced course that accounts for the type of security and configurations found in enterprise environments.
I seriously can't tell how much i have learned from this guy. He is extremely talented and more importantly a good person we all got to know. Thank you john and congratulations for the result
This was very enlightening, I plan to take this course because it seems like a great deal of knowledge can be gained.
i remember last year when they announced it, i said i would sign up with a friend. I only just signed up this week. Im so excited to get in.
Congratulations dude and congratulations in advance if you actually are the first person to clear the exam. Good start for this year.
I liked the "What's up" intro
Basically John said "gg2ez who's next"
Been waiting for this... taking the OSWE in March, trying to get it out of the way so I can get to this!
I just got my OSWE. Tackling this in a couple of months.
@@dochood1966 Passed! I've been working on the PEN-300 now for about a month.
You rock John! Thanks for being a best friend! =) Congratulations 1000!!
That outro volume blew my ears off haha. Amazing video John, I love your passion for security it's encouraging and inspirational. Great job on the review and passing the OSEP. I'm taking the OSCP in May and have been studying too (notes, notes, and more notes). Your suggestions tools/techniques are helping a lot.
congrats!
id love a separate video just about Obsidian and Latex and your note taking process
Awesome work John. Great info. Aiming for OSCP before summer starts
Thanks alot for the review. I already registered the course 2 days ago. Can't wait to start
Production quality is lookin sharp
Thank you for taking the time to tell us about OSEP !
Congratulations John for this amazing new cert 👍. You are the man 👍👍👍
John Legend right here. Man, congrats!
Awesome. Congratulations. I plan on taking the OSCP after I finish my degree in summer
Great video! I love how representative this course is for a wide range of different cyber-security roles (started to apply what I've learnt during OSEP in my day-to-day job straightaway). Thanks for the great content and pieces of advice! Will definitely put them in practice soon for my own exam.
Thanks for the great review as always! and of course Grats.
welp I found you because I was eyeing this course. now I'm subscribed, great video.
Thanks for the Obsidian commercial.
You are incredible John ❤️
Really great video. I learn something every single time I watched your video. You doing a lot for the community. I really appreciate and admire your work. Thank you
That’s a great video! Thank you John! You’re a live reminder that everything is possible. Thank you.
Gosh I'm excited hearing about this course already!
Thank you for sharing! You are definitely a certification killer! Congratulations John!
Sold! I'll try to load some C# into my smooth brain and then register for the course!
Congratulations and thank you for inspiring so many!
great video John. Hope you're doing well
Really awesome video, such genuine advice, such detailed content, we need more like you John! Thank You.
Just one word after watching this:
Fire 💥💥💥
Thank you for sharing! Congratulations John! I'm curious when you do OSED :) I love exploit development. I'm waiting to see your video about OSED.
Big win. You inspire me John
Congratulations 🎉
You're Amazing Sir Hammond, (Subscribed), Most definitely my role-model/online mentor. Thanks for your time, knowledge and inspiration!!!!
Congratulations! You are an inspiration!
Congrats John!
@15:20 Maybe the hacker you were tracking was mid-way through their OSEP, and was trying out some of the stuff they had learnt.
Congratulations, I am Happy for you.
Insane I was just doing forest (HTB) and using bloodhound and your tip came sooooooo handy!!!
Congrats ! Very interesting and instructive like all your content. Thank you so much !
Thanks @John and congratulations
John congratulations 🔥
Congrats John!
How you're so good at this🙏
@John Hammond i would love to learn more how exciting ThankQ for sharing your work
This was great! - can you do a video with you doing a quick CTF and how you were taking notes, how you documented what you did etc... I'm curious to see the flow... thank you!
NVM I actually found a video you did - lol thanks! :-)
Legend is back
I also want to take the OSEP course!! Rn on OSCP journey ...long way to go tho lol! Many things to learn...
Another motivated video:) Tanks!
Well done John 👍
This guy rt here makes me feel good
Great review, thanks. If you ever do a follow-up or something with more questions here is one: it is commonly said that the right strategy for OSCP is to go in once you already have some good knowledge in order not to waste the timelab on learning theory (knowing how to exploit basic BoF for instance, or the basics or privesc in linux and windows).
As OSEP is also based on lab time that costs money, what are the technical fields to already be comfortable with, in order to not spend 1month just getting to grips with theory rather than live practice ?
Nice studio bro!..willing to get this course
Amazing video ❤️... Can you make a video on a journey of oscp or how to prepare for oscp ... That would be amazing for us newbies
John You the best mentor for penetration tester but with the request could you make a series of training "Python for Hacker" because your explanation is awesome.
Now time to review OSED :)
First of all congrats!!! what a great review! Now OSEP vs ecptxv2? I'm starting the ecptxv2 course, from what I can see many things overlap. OSEP seems to have more Linux.
Oha, reporting in markdown. Nice
Goodluck for your Summer try
Congrats man.
I was here when it was live for the first time. 👀
Hey John, thanks for the video that's some great info! How does this compare in terms of difficulty to the eCPPTv2?
it's definitely more difficult. It seems to be above ecptxv2
Congratulations very inspiring
Congratulations
Great video. Thanks John..
@John Hammond. I had some questions regarding the Offensive Security Certs. First are you open to answering a couple questions? If so where do I direct them? Thank you as always sir.
A quick question as a beginner while taking certification exams(specially during the exam) what are you allowed and not allowed to do. Is there any video about it?🤔🤔
Hi John did you adapt PoshC2 or did you go with something else
we want osep course 🤗🤗 Do it for us
Can you post a video on how to use/download obsidian on kali linux? I'm struggling to get mine running.
Sir I have an problem regarding my pc in which any c compiler program is not working can u help me with it even my html file is not responding please help me
Ahh, the old “I hardly used any of my lab time” spiel. Ive known several people who while prepping for these exams spent countless hours in the labs/range, complained about how tough it was, said it was next level but magically once they passed the exam their story changed to “it wasnt that hard,” “i only spent about 3 weeks studying,” “the course is entry level stuff.” Classic hindsight memory distortions or ego stroking. Not sure which but it’s annoying af. Otherwise good video.
Congratulations :D
Nice video!! I want to start OSCP course but I don't have a lot of money to begin on the official site. Is-it possible to stat with free ressource and just take abonnement for 3 months and passe? I have basic notion on security and i have attempt the UDACITY Nano degree - Security Enginneer. Thanks
Hii sir...after oscp which certficstiin should be next? OSEP OR OSWE....i know one is for source code and other one is on network based exploitation..so wts learning path? Where sould i go first ?...OSEP OR OSWE
Can you do a review on any free certifications?
I haven’t found anything that is free. I am particularly focused on web application and API security.
John one question if you don't mind ☝🏻
Is there any benefits in you getting more certifications at this point or are you only looking at it from a challenge perspective?
A Quick question: Where is a good point to start in this cybersecurity domain Johns
is there any possible ways to get a jobs in cyber security without any degree and certificates but have more knowladge skills and experiences.
If I don’t have OSCP but I have experience with HTByou think I should take the challenge? OSEP?
Hell no bro. OSCP is the stepping stone
Can i go directly to this certification
😁 Thanks for review
Thanks John.
sir, which is best one osep vs oscp?
Awesome video
i have all course pen300
Awsome video, can we get review of oswe certification