OSCP Intro Letter


Dear Applicant,
Thank you for your interest in Penetration Testing with Kali Linux. Please read this entire email carefully as it contains very important information.

Course Prerequisites

To be successful, you must have basic Linux skills – meaning you need to be able to navigate through the Linux filesystem, run simple commands, edit files, and be comfortable at the command line in general. We also recommend being familiar with Bash scripting, with basic Perl, Python, or Ruby skills being considered a plus. A solid understanding of TCP/IP, including addressing, routing, and subnetting basics, is required as well.

Course Information

The Penetration Testing with Kali Linux (PWK) online course is comprised of downloadable videos totaling over eight hours in length and an approximately 350 page PDF lab guide. If you haven’t already done so, you can view the course syllabus and objectives at the following link:

Penetration Testing with Kali Linux Syllabus [1]

In addition to these study materials, you will receive access to our online labs where you can practice various attack techniques safely and legally. You can purchase VPN lab access for 30, 60, or 90 days in duration. The lab time begins when you receive your course materials as the content is intended to be practiced as you progress through the course. Based on previous student experiences, we recommend you begin with the 60 day option. Please note that once purchased, lab time is non-refundable.

The cost for this course with 30 days of labs is: 800$ USD
The cost for this course with 60 days of labs is: 1000$ USD
The cost for this course with 90 days of labs is: 1150$ USD

The certification exam is included in the fees above.


We only accept payment via major credit cards, debit cards, and e-wallets.

The time required to complete the course exercises depends on your technical background; however, the average reported time by our students is a minimum of 100 hours. Note that this estimate only reflects the time to complete the course exercises and does not include the time needed to attack the various lab systems, which can vary from weeks to months depending on background, aptitude, and available time. Generally we find that 60 days of lab time is suitable for the average student.

You will be able to watch the videos and read the lab guide offline; however, the VPN labs require a solid Internet connection – high speed ADSL or cable connection (512/256 minimum). Our labs contain various configurations of Windows and Linux machines with specialized software packages and pentesting applications.

Online Lab Access

Our online VPN lab environment is a critical component of the course and you are provided access along with your course materials on your start date. You may not receive your course materials prior to your lab access as you are expected to work through the course exercises in the lab environment.

Lab access is provided as a consecutive block of time and is non-refundable. You may only pause your lab account under exceptional circumstances and only with valid, written justification. When lab time is paused, resources are still allocated in our lab and remain idle, which prevents other students from being able to occupy your position in the labs.

Support Terms

Please note that Penetration Testing with Kali Linux is a self-paced and self-directed course that does not have any official support. In order to be successful, a great deal of independent study and research beyond the presented materials is required. You are expected to conduct extra research in order to compromise various hosts or complete the course exercises.

Our student administrators are available primarily to assist with technical issues related to the online labs but can also provide occasional hints or guidance after a student has demonstrated that they have already put in substantial effort before asking for assistance. We do however have active student forums where help might be found if needed. To get a better understanding of the effort and level of work required in the course, we recommend you refer to our Course Reviews [2] page where you will find numerous unsolicited reviews written by our alumni.

The typical administrative hours for the orders department are 1400 – 2200 GMT and our student administrators are typically online from 0800 – 0300 GMT.

Certification Information

The Offensive Security Certified Professional (OSCP) [3] certification challenge is an online exam. You will connect to our exam VPN lab remotely and have 23 hours and 45 minutes to complete the challenge and an additional 24 hours to submit your documentation by email. In addition to meeting the certification exam objectives, you must submit an exam penetration test report in order to be awarded your OSCP designation.

You must schedule the challenge within 90 days of the expiration of your lab time.

Penetration Testing with Kali Linux may qualify you for 40 ISC2 CPE Credits. This applies to students who submit their exercises and documentation at the end of the course or pass the certification challenge. CISSPs can register the Offensive Security training at the ISC2 website. Please note that we cannot register the CPEs on your behalf.

Continue Registration

We open a course every Sunday and recommend that students begin the registration process 15 – 30 days before their desired start date. If you would like to sign up for the Penetration Testing with Kali Linux course, please follow the link below in order to continue your registration. It is very important that you register with your legal name. You will have the opportunity to change this after passing your certification if you would like your certificate to read differently.

Our students usually provide us with a corporate email address or an address that can somehow help provide proof of identity. Email addresses from Internet Service Providers (ISP) or free email providers such as Hotmail or Gmail (including paid versions), are not accepted without a scanned ID.
If you are unable to provide an alternate non-free address that allows us to get basic verification, we will require a scanned copy of your valid government issued ID in color, such as a driver’s license or passport. For IDs in the form of a card, please include a scan of both the front and back of the card.

We need to be able to see your photo, full name, address (if applicable), year of birth and the expiration date of the ID. You may blur the ID number. Expired IDs are not accepted.

You may also send a photo of your ID if a scanner is not available as long as the image is clear and not blurry.

If you choose to send a scanned ID, you may blur the ID number and send it to registrar@offensive-security.com (please do so only after you use the link below and provide the required information).
Note that a registration request with a free email address will be ignored.

Register for Penetration Testing with Kali Linux [4]

The above registration link will be valid for the next 72 hours. You will be required to submit a new request in the future via our website if you do not use this link in the allotted time.

Do not hesitate to contact us with any questions.

Sincerely,
The Offensive Security Team
www.offensive-security.com

[1]: https://www.offensive-security.com/documentation/penetration-testing-with-kali.pdf
[2]: https://www.offensive-security.com/testimonials-and-reviews/
[3]: https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
[4]: https://www.offensive-security.com/signup.php?md=2cf4fd5e2380e823a225d78c56cf5cc3&ver=1dssv65332


PenTesting / Scanning Cached/Load Balanced Targets


As part of the PCI certification process, external-facing applications that are in scope of the PCI environment require a PCI ASV scan. If these external-facing applications use load balancing and/or caching, please be aware of the following. (Examples of load balancers include F5 LTM, AWS Elastic Load Balancer and AWS CloudFront.)

With any load balancer that uses a full-proxy architecture, your scanner establishes a TCP connection to the virtual load-balanced IP (VIP), and the load balancer proxies your scans and connection requests over a second connection to a pool of backend application servers. The rules on your load balancer determine which member of the pool gets that second connection. This means that you have no way of knowing which pool member you have scanned. The IP of the backend server is not returned to the initial host, the one that established the initial TCP connection to the VIP. To allow a PCI ASV scan, please temporarily allow the scanning origin so that it can scan your servers directly.

Please consider the following when determining the number of IP addresses required for the external scan:

  1. There are no load balancers in front of any in-scope servers:
    • Each external IP address / URL is counted as an individual IP.
  2. All servers behind load balancers are identical and synchronized:
    • The external-facing VIP or load-balanced URL/IP is counted as an individual IP. (Temporarily allow the scanning origin to scan your servers directly.)
  3. Servers behind load balancers are not identical and not synchronized:
    • Each individual IP needs to be scanned instead of the VIP. (Temporarily allow the scanning origin to scan all servers directly.)
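The three cases above, applied to an inventory, as an added example that is not part of the original post. It assumes that "identical and synchronized" can be approximated by comparing a per-server fingerprint (for instance a digest of installed packages and application config); the class names, fingerprint values and addresses are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Member:
    ip: str
    fingerprint: str  # assumption: digest of installed packages + app config

@dataclass
class Service:
    external: str                             # external IP/URL, or the VIP
    pool: list = field(default_factory=list)  # empty list: no load balancer

def scan_plan(services):
    """Return (addresses to scan, backend IPs that need a temporary allow rule)."""
    targets, allow_direct = [], []
    for svc in services:
        ips = [m.ip for m in svc.pool]
        if not svc.pool:
            # Case 1: no load balancer, the external address is the target.
            targets.append(svc.external)
        elif len({m.fingerprint for m in svc.pool}) == 1:
            # Case 2: identical pool, the VIP counts as one IP.
            targets.append(svc.external)
            allow_direct += ips
        else:
            # Case 3: members differ, so each one is scanned individually.
            targets += ips
            allow_direct += ips
    return targets, allow_direct

# Constructed inventory using documentation address ranges.
INVENTORY = [
    Service("203.0.113.10"),
    Service("203.0.113.20", [Member("198.51.100.21", "a1"),
                             Member("198.51.100.22", "a1")]),
    Service("203.0.113.30", [Member("198.51.100.31", "b1"),
                             Member("198.51.100.32", "b2")]),
]

if __name__ == "__main__":
    targets, allow_direct = scan_plan(INVENTORY)
    print(len(targets), "IPs to scan:", targets)
    print("temporary allow rules for:", allow_direct)
```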

Mailware analysis


Kali Cheatsheet


The following is a list of improvements to the Kali distro to turbo charge your Pen Test tool kit.

Fresh Install

  1. Setup Kali on AWS – https://www.alienvault.com/blogs/security-essentials/configuring-kali-linux-on-amazon-aws-cloud-for-free
  2. Use Generation 1 in Hyper-V
  3. Install VM Guest Tools – http://docs.kali.org/general-use/install-vmware-tools-kali-guest
  4. sudo su
  5. apt-get update && apt-cache search kali-linux-full
  6. apt-get update && apt-get upgrade -y && apt-get dist-upgrade -y
  7. sudo dpkg --configure -a
  8. apt-get autoremove
  9. reboot

Install Applications

Staying anonymous

  • proxychains: use SOCKS5 only
  • Update DNS to OpenDNS and in the Netherlands
  • Disable WebRTC
  • Use OpenVPN
  • Use duckduckgo.com for searching
  • Spoof MAC address

DDoS for Research Only

DOS Attacks and Free DOS Attacking Tools


“In order to protect one must understand how to exploit” – me just now

Disclaimer: Most countries have very strict Telecommunications and Computer Abuse laws. Just running these commands against anyone could put you in jail for 99 years. These tools are easily detected.

Cyber Security


Running a WebSite is a PAIN


Just some things I am doing to optimise my website and stop it getting DDoSed.


RewriteCond %{HTTP_USER_AGENT} ^.*(Ahrefs|Baidu|BlogScope|Butterfly|DCPbot|discoverybot|domain|Ezooms|ImageSearcherFree).*$ [NC,OR]

RewriteCond %{HTTP_USER_AGENT} ^.*(ips-agent|linkdex|MJ12|Netcraft|NextGenSearchBot|SISTRIX|Sogou|soso|TweetmemeBot|Unwind|Yandex).*$ [NC]

RewriteRule ^/?.*$ "http\:\/\/127\.0\.0\.1" [R,L]

  • Install ZB Block
  • Country-block rogue nations that are not your customers. (Ukraine, etc.)
  • Reduce Crawl rate for known bots

User-agent: msnbot
Crawl-delay: 1

No crawl delay set – Normal
1 – Slow
5 – Very Slow
10 – Extremely Slow

  • Send rogue bots back home

RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
RewriteCond %{HTTP_USER_AGENT} (bot|crawl|robot)
RewriteCond %{HTTP_USER_AGENT} !(bing|Google|msn|MSR|Twitter) [NC]
RewriteRule ^/?.*$ "http\:\/\/127\.0\.0\.1" [R,L]
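
A way to check both User-Agent rule sets above before deploying them, as an added example that is not part of the original post. It re-implements mod_rewrite's condition chaining ([OR] binds to the next condition, the resulting groups are ANDed, [NC] ignores case) in Python; the sample User-Agent strings are constructed.

```python
import re

# Each condition: (pattern, negate, nocase, or_next), transcribed from the
# two RewriteCond groups on this page. [NC] -> nocase, [OR] -> or_next.
BAD_CRAWLERS = [
    (r"^.*(Ahrefs|Baidu|BlogScope|Butterfly|DCPbot|discoverybot|domain|Ezooms|ImageSearcherFree).*$", False, True, True),
    (r"^.*(ips-agent|linkdex|MJ12|Netcraft|NextGenSearchBot|SISTRIX|Sogou|soso|TweetmemeBot|Unwind|Yandex).*$", False, True, False),
]
ROGUE_BOTS = [
    (r"^$", False, False, True),
    (r"(bot|crawl|robot)", False, False, False),   # no [NC] on the page
    (r"(bing|Google|msn|MSR|Twitter)", True, True, False),
]

def rule_fires(conds, ua):
    """mod_rewrite chaining: [OR] joins a condition to the next one,
    and the resulting groups are ANDed together."""
    group = False
    for pattern, negate, nocase, or_next in conds:
        hit = re.search(pattern, ua, re.IGNORECASE if nocase else 0) is not None
        group = group or (hit != negate)
        if not or_next:
            if not group:
                return False
            group = False
    return True

def redirected(ua):
    """True if either rule set would redirect this User-Agent to 127.0.0.1."""
    return rule_fires(BAD_CRAWLERS, ua) or rule_fires(ROGUE_BOTS, ua)

# Constructed sample User-Agent strings (not taken from real logs).
SAMPLES = {
    "empty": "",
    "browser": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Firefox/115.0",
    "googlebot": "Mozilla/5.0 (compatible; Googlebot/2.1)",
    "mj12": "Mozilla/5.0 (compatible; MJ12bot/v1.4.8)",
    "capital_bot": "ExampleBot/1.0",                   # "Bot" is not "bot" without [NC]
    "claims_google": "example-crawler (like Google)",  # exempted by the allowlist
}

if __name__ == "__main__":
    for name, ua in SAMPLES.items():
        print(f"{name:14} redirected={redirected(ua)}")
```

The last two samples show the limits of these rules: the `(bot|crawl|robot)` condition is case-sensitive, and the exemption is a substring match on a client-supplied header, so the rules reduce crawler noise rather than act as an access control.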


<Limit GET HEAD POST>
order deny,allow
deny from all

allow from 103.51.61.0/24

</Limit>

  • Disable Joomla User registration

administrator/index2.php?option=com_users&task=view&limit=1000

DELETE FROM `sgj_users` WHERE `name` NOT LIKE 'Administrator'