Hello, internet person,
The time to write my first post here on Dev.to has come! After struggling to think of an idea or really cool and worthy project to start writing some things down, I finally decided to try and write something that was almost done: My write-ups.
A bit of context first: HackTheBox is this awesome platform in which you can try your pentesting skills with some virtual machines - or boxes - packed with some vulnerabilities ready to be exploited. Sounds nice, huh? As a cybersecurity student, it's a must for me to experiment with those labs, especially in order to pursue the OSCP - Offensive Security Certified Professional - a very important cybersecurity certification.
To be quite honest, I still don't know if I want to take the OSCP as of now... but I understand how taking it and the Advanced Web Attacks Exploitation certification's exam can be really useful to my main goal of developing my developer skills with a good base in Security. So, why not start preparing for it right now, even if in a slower pace?
That being said, after a lot of research and this awesome story from Rana Khalil about her journey to get her OSCP Cert, I finally had a roadmap. Now, time to follow it.
The targets were finally there, since I decided to follow her footsteps and also try to hack all the machines from TJ_Null's OSCP-Like VM's list. Important to note that those machines are always being updated, which makes this list relevant at all times. Also, he has a list for VulnHub machines, which I might consider every now and then when my HackTheBox subscription gets expired (since I'm not in an automatic subscription, leaving it for when I decide to focus on Retired Machines, only accessible with the VIP account).
Now I have the roadmap and the targets, but... something is still missing: I need to learn how to walk it. Gladly, I found really good tutors in University, but I was a total, complete noob in all things related to pentest, and I still needed a nice place to start. That's where I found Heath Adam's Practical Ethical Hacking course at Udemy. His methodology just clicked with me. It was way easier to understand the basic concepts, even though I still didn't finish the course - It's paused right now while I write this - because his way of explaining things just inspired me to start this post and all this plan to document my way through TJ_Null's list.
Without further ado, let's go hack some things!
Top comments (0)