This is the year that I'm finally going to conquer the OSCP.
I've talked about my plan for studying for the OSCP in a YouTube video, but I'll rehash it a bit here on the blog as well. The plan is to study up for the PNPT, or the Practical Network Penetration Tester certificate offered by TCM Security, and obtain the certification. After that, I'm going to enter a long phase of more independent self-study: HackTheBox, bug bounty readalongs, more HackTheBox... etc. Finally, I'm going to make another go at the OSCP, conquering some lab time and taking the certification late in the year.
So, I'm currently in the first phase: studying up for the PNPT. I've started the coursework, which is taught by Heath, better known as The Cyber Mentor. Thus far, I've only completed the networking section, which is, frankly, one of the more boring parts of the coursework it seems. It's also one of the most important, foundationally, because you really don't want to try to hop into the more advanced stuff without understanding the tech that it's built on top of.
It's also just plain useful to understand networking.
Heath does a great job of breaking down the OSI model, explaining different protocols and how they interact with ports and other hosts and how subnetting works. A lot of this was review for me, which is expected since I've been in tech/cyber security for a while, but the bit on subnetting was pretty helpful since I don't have as much IT specific experience. One of the best parts about this being a self-paced course is you can kinda skim the bits that you already know a good bit of and repetitively play the parts that are confusing.
I've also been working on a free YouTube course by PhDSecurity on bug bounty hunting which has been pretty good thus far. He explains things in a really clear way and focuses on teaching via practical application instead of just theory, so that's super useful.
I'm keeping this blog short, mainly because I haven't gotten into the real meat and potatoes of my studies. I'm going to make this series of blogs episodic so you can kinda follow the journey from start to finish. Be on the lookout for more blogs on my OSCP studies and feel free to subscribe on Ghost for free to get updates in your inbox when I release something new.