Offensive Security ‘s Certified Expert (OSCE) Notes.

This post is not a write up per se. It is a list of short notes helped me learn most from both course and the exam and not noted in popular write-ups.

Preparation

-Learn Assembly : 1.5x Speed, Do all exercises.

-Install Kali32bit-Rolling in Vmware. Provided Backtrack5 is bad for your sanity. Use Both in case of bug.

-Join netsecfocus mattermost server #OSCE Channel.

-Everything not mentioned here.

Course

-Learn using Hex-Rays (IDA Pro) Decompiler AND/OR Snowman. Though not covered, Static Analysis teaches you connecting the dots.

-Use rdesktop with -g parameter i.e. “rdesktop -g 80% 127.0.0.1”

-Spike works, Use Wireshark to doublecheck. If you don’t like it for some reason, Use Boofuzz.

-Do all exercises.

-Use Offsec Forums and Support. Those are there to teach you without spoiling the content.

Exam

-Use Immunity & Mona.py. Never “Open”, Always “Attach”. Second part cost me 100$ and 2 Weeks.

-Sleep and take breaks.