Guest post contributed by Samuel Whang, OSCP. Originally published on Medium and republished with consent from the author.
Offensive Security’s flagship course, Penetration Testing with Kali (PWK), recently went through a welcome update to its course material and lab environment. A lot of topics were added to the course while some pre-existing topics were expanded upon. Some of these topics include Windows Privilege Escalation, Active Directory, and client-side attacks. Of course, these are not the only changes. You can find the full list here: https://www.offensive-security.com/offsec/pwk-2020-update/.
For those who are currently on the journey towards OSCP, I argue that the decision to upgrade isn’t a difficult one to make, but what about those who currently hold the OSCP? Is it worth investing in the upgrade and getting into the new PWK lab? For me, the answer is absolutely — let me explain why.
OSCP Is Just The Beginning
Previously, I’ve written a blog advocating that becoming an OSCP holder isn’t necessarily a goal, but rather a by-product of becoming a solid penetration tester (https://medium.com/@klockw3rk/my-oscp-guide-a-philosophical-approach-a98232bc818). I’ve advocated that penetration testing is a lifestyle and that it requires constant practice and research. This new PWK lab is a fantastic opportunity to fine-tune and improve methodologies, workflows, and techniques.
After spending some time in the new PWK lab environment, I am very pleased with the changes that I’ve come across. The number of machines in the lab increased dramatically, which introduced challenges that are more dynamic than before. Just like in real commercial enterprises, not all systems can be attacked directly. Although this was also true in the previous PWK lab, the additional machines amplify the level of realism, which opens up the necessity to practice looting, post-exploitation, client-side attacks, and navigating multiple subnets and Active Directory environments, all of which require robust methodologies and workflows. This environment provides more opportunities to develop techniques to better understand the enterprise and its users, which is critical to compromising all the machines in the lab. The new PWK lab is an amazing environment that’s designed to teach a wide range of lessons, regardless of whether you are an OSCP holder or not.
Expand Your Focus
One of the benefits of approaching the new PWK lab as an OSCP holder is that the pressure is off, which allows you to focus on more advanced techniques. When I was going through the PWK lab prior to obtaining my OSCP, my focus was generally limited to establishing a fundamental methodology and enumeration process. This is an important foundational skill set, but it isn’t enough.
In the past, I spent most of my cycles approaching machines in a vacuum rather than in the context of a wider enterprise. It’s much easier to manage notes and workflows with one or two machines concurrently, but it becomes exponentially more difficult when you need to manage multiple shells, both local and domain, persistence, notes, and loot from multiple machines across the enterprise. This new lab environment provides opportunities for OSCP holders to increase the scope of our workflows and develop techniques and competencies to manage larger sets of data.
New Machines = New Lessons
It’s important to understand that our hard-earned OSCP represents a snapshot of our skill level at the time of passing the exam. Skills are perishable and need to be updated constantly. In the same way we learned lessons from each machine in the previous lab, the updated environment is a great opportunity to solidify the lessons we’ve already learned and to learn new lessons from both new and updated machines.
Read about Samuel’s experience with and philosophy for OSCP prep in My OSCP Guide: A Philosophical Approach.