I have been working on becoming a Security Engineer for two years and have two solid certifications under my belt that I either paid for or got a scholarship for. I also have one year of Security Analyst experience. I have worked hard, but not hard enough, and plan to do even more this year to continue moving forward.
My main goal for the first half of this year is to achieve the OSCP Certification. It is hard, and I feel not at all ready, but I loved pen testing the most from all my work last year, so I know it is the direction I need to go to move forward toward my personal goal. The ultimate goal for me, I believe, is a full time pen tester or pen testing consultant. I want to be remote (work from home) and I want some freedom to pick and choose my clients.
My plan is heavily based on Ramkishan Mohan’s great guide, A Detailed Guide on OSCP Preparation – From Newbie to OSCP. First, I will work on Linux and Python, by finishing my Udemy class Learn Python & Ethical Hacking From Scratch. Next, I will work on really learning the ins and outs of both Windows and Linux Enumeration. After that, I will fill in all of the random holes in my hacker knowledge. Buffer Overflows and Shell Exploitation is next, most of that I expect to get from finishing my Penetration Testing book by Georgia Wildman. I will end by re-reading Metasploit Unleashed over at Offensive Security.
Once I have a solid background in these skills, which I hope will only take a couple of months, I will finish my pre-prep with some actual testing of vulnerabilities and then sign up for a three month lab. Finally, on to the test and hopefully certification by July or August. Wish me luck. I have been pretty successful thus far in laying out these plans and then finishing training and testing, so I am hopeful this will all work out. I will certainly keep you posted. Wish me luck!
I
Computer Pooh 