CompTIA CySA+ Cybersecurity Analyst (CS0-001) - Any good in SA?

[Jet-Fighter7700]

so the S+ is not worth much these days?

interesting, as I am on the udemy course for that right now, and it seems to be quite thorough about everything,

not as practical as I thought it might be, but I suppose that comes later on when you understand more about security.
before being tossed the keys and asked to drive yourself, and potentially break something expensive by accident.

 

[PPLdude]

haha looks like you using someone else's invite code. Go generate your own.

I thought I did though.

I saw it used POST, to the api link.

Decoded the message from whatever encoding it gave.

 

[initroot]

Yes I have done OSCP. How is the studying going? Free tips for you is to enumerate, enumerate and enumerate some more lol. Do all the exercises and then get root and NT SYSTEM on all the hosts without using metasploit. If you can do that, I think you will be ready for the exam.

Couldn't have said that better myself.
[MENTION=5923]qDot[/MENTION] if you get stuck during the exam, move over to another one. Consider every piece of information.
What would be beneficial is to keep proper documentation while you are playing around on hackthebox, have a look at dradis framework.

 

[qdada]

Couldn't have said that better myself.
[MENTION=5923]qDot[/MENTION] if you get stuck during the exam, move over to another one. Consider every piece of information.
What would be beneficial is to keep proper documentation while you are playing around on hackthebox, have a look at dradis framework.

Thanks, i will remember this, busy with UNISA exams for now.

 

[ActivateD]

I thought I did though.

I saw it used POST, to the api link.

Decoded the message from whatever encoding it gave.

Restart the session and create a new invite code then follow the steps you took. You are close to getting it.

 

[qdada]

Couldn't have said that better myself.
[MENTION=5923]qDot[/MENTION] if you get stuck during the exam, move over to another one. Consider every piece of information.
What would be beneficial is to keep proper documentation while you are playing around on hackthebox, have a look at dradis framework.

Well, I should have remembered this thread.

Will my confidence obliterated having faltered on BO which I thought I understood, I only moved to a 10 pointer only after ...ahem..6-hours...not proud at all. After 12 hours my mind was porridge. I 'slept' a bit and at around 4 am started again, after 2 hours i knew i was toast.

I am trying again end of July but now that I have perfected BO, I will take any day that becomes available before then. This time, BO or not, I am moving to the next machine after 2 hours.

 

[ActivateD]

Well, I should have remembered this thread.

Will my confidence obliterated having faltered on BO which I thought I understood, I only moved to a 10 pointer only after ...ahem..6-hours...not proud at all. After 12 hours my mind was porridge. I 'slept' a bit and at around 4 am started again, after 2 hours i knew i was toast.

I am trying again end of July but now that I have perfected BO, I will take any day that becomes available before then. This time, BO or not, I am moving to the next machine after 2 hours.

Good luck with the next exam. Remember that they like to throw curve balls to see if you can adapt to slight changes even on the buffer overflow exam.

While you wait for the exam slot I suggest you create enumeration scripts so while doing the BO exercise your scripts are running and getting you as much information about the other systems that you must do. This will allow you to concentrate on BO while not "wasting time" getting information on the other systems.

Have your various exploits for Windows and Linux compiled so you do not waste time during the exam trying to compile.

Lastly try not to over complicate things. Keep it simple.

 

[qdada]

...
Have your various exploits for Windows and Linux compiled so you do not waste time during the exam trying to compile.
...

You probably wrote before MS17-010 and the emergence of eternalblue.
It should be obvious to me that that tool should not be disallowed, except it isn't that obvious to me.
One Reddit user thinks it should be allowed and I am almost too scared to ask any admin from oscp forums, lest I ask a potential examiner.
You probably have access to other pentesters who did OSCP, how was the use of that tool treated if u or others used it in the exam ?

 

[ActivateD]

You probably wrote before MS17-010 and the emergence of eternalblue.
It should be obvious to me that that tool should not be disallowed, except it isn't that obvious to me.
One Reddit user thinks it should be allowed and I am almost too scared to ask any admin from oscp forums, lest I ask a potential examiner.
You probably have access to other pentesters who did OSCP, how was the use of that tool treated if u or others used it in the exam ?

Yes I did my OSCP 2014 so way before MS17-010. Read your exam pack properly and carefully. It will tell you what you can and cannot do. I do suggest that you stay away from tools that do a lot of the work for you because they might rate them as "automated" for example SPARTA is just a tool that basically uses other tools but I would recommend that you just python script everything that SPARTA would do. You will learn while you doing it and might allow you in the future to start creating your own tools.

That is why I said try exploit as many machines in the lab without automated tools to hone your skills and to identify entry vectors. I do not know how much time you got in the lab but also try different ways to get access or different exploits to get root so you build up a repo.

Never be scared to speak to the admin and I know of 2 admins that are South African. So speak to the admins when in doubt. I do not know if SPARTA was around but I didnt use automated tools and just did everything manually myself.