Tuesday, 24 September 2013

Impression of a pentester - and his Goal.

Hi to my reader,

I got my start in InfoSec many years ago, roughly 2000. I was catapulted highly into
offensive attacks and defensive attacks. In the early days there was only one way to
learn, which was to be offensive. I admittedly brought destruction to people, but none of
which cost anyone any loss of income. The reason I was forced into this area was to
defend my Web hosting company I built; back then the customers spending and everyone
knew it, managing Linux servers and hosting them was well deserved.
However, this was just a hobby for me; being so young, it was all about Linux and the
thrill of defending your empire and looking after a team of people whom you worked with.
Then I got wise from mistakes, and decided to put my interesting skills, and patience
that I never knew I had.
 
Years from this I kept a safe distance from being in the line of fire, and used these
skills as a server administrator, although my entire career hasn't been as a professional
pentester or server administrator. I never stopped keeping my personal skills and studies
"updated". I always kept my knowledge of trends and new cracks/hacks/exploits
updated for personal interest.
 
My resume will tell you my work history. At work, I was reinventing wheels, bringing ideas,
options, security, discussions to my work members.
At home I was reading, learning, toying, testing.
 
 
Many more years later:
I crawled up the ladder through organizations.
 
I finally was in a position in my life to be able to spend good money on studies 
and I had a very understanding family for my time.
 
So I started work on vulnerable testing platform designs to just hack! I must say
there are a lot of tools out there for whoever wants to learn.

I needed more. I have always known that I have no issue with taking on a difficult
task and using research to learn. Researching one topic for a week? Now that is one way
to make it stick in your head.
 
 
So, OSCP, and I would highly recommend the course, it's fantastic
if you're new(ish) to Penetration Testing (more novice than absolute
beginner, although both are fine, one will require more personal study
though). It is by no means the only training you should get and I'd
recommend you continue your studies after the course, but if you're looking
for a Pentester Bootcamp, it's really good.

The best part about the OSCP is the Lab. The Lab has about 40-50 systems if
I recall correctly, and they vary in difficulty to compromise. The easiest
would probably end up being a Windows 2003 box vulnerable to the good old
MS08-067 "netapi" exploit and the most complicated would be PAIN and
SUFFERANCE which you can enjoy for many sleepless nights.

The thing I like most about OSCP is it's not a "Here's a bunch of tools and
how to use them" course. They really do work at the bits and bytes level of
Pentesting. You will learn about Port Scanning and ARP poisoning, but by
learning the makeup of the packets, reconstructing your own through
painful processes and in most cases, you'll need to build your own ARP
Poisoning tools and Port Scanners using Bash, Python, Ruby or Perl. Only
then should you defer to the Tools we all love. That way you get an
understanding of what's going on "under the hood" and a greater
appreciation for what the developers of your toolkits have built.

Another important rule: No Nessus in the Lab! The point of
the Lab is to understand how to find and identify vulnerabilities. Then
find available exploits (exploit-db, packetstorm, securityfocus, osvdb,
cve-details), modify the shellcode to make them work for you, then go after
the system.

Finally, you'll be using some impressive SSH tunneling to exploit the hosts
multiple subnets away through bridged machines you find in the Lab.

The Certification is a 24-hour exercise; you'll be given 5 machines and
asked to do your best. Normally, one of the machines will not have a listed
exploit but one you will have to research and build yourself. The rest will
be challenging machines requiring multiple exploits to achieve root.
Vulnerability Scanners and Metasploit again are not permitted in the
Certification.

One year after finishing the OSCP, I'll admit that it may not have the
biggest reputation amongst employers, but it will shape you into a
Pentester that's not reliant on his toolkit.
 
 
Why me?
I have a vast knowledge of Infrastructure overall company-wide.
 
I have proven skills in research and discovery, inclusive of Infrastructure
mapping and discovery. 

I have taken different parts of infrastructure, and taken a focus on topics through
studies.
 
Networking switching / routing / troubleshooting
Unix administration
PBX administration ( including asterisk )
Web App administration
Application of many 
Server Services 
Windows administration
 
Advanced Virtualization experience via Linux virtualization and VMware.
I consider myself a virtualization professional, not just a click-next expert.
 
I cannot express the amount of interest I have when working in this field,
particularly Pentesting. Why would anyone not want to be a hacker!
 
Daniel. 







 
 
