Jump to content
robzxb1

just a general question on the right path and way to study.

Recommended Posts

robzxb1

Hello all I'm hoping anyone with experience in this situation can give me advice. I am getting ready to take my pts exam and once I pass this one I will go and continue the  route of ptp, and then  the new version of ptxv2. Can anyone give me advice  on the right  way to study for this field in pen testing? As  it can be quite overwhelming I'm asking should I just study from these three courses one at a time pass them and then branch out to...for example the oscp and other certs or take other courses at the same time  like udemy or just stick to the elearn path , so I don't miss something in this field , maybe that elearn does not have in it's courses? I know this is a fast pacing field and don't wanna feel as if i'm missing out on anything . I just feel like when i study for the elearn courses which to me personally are amazing  and others at the same time it becomes overwhelming. I'm really hoping that just taking the pen testing courses pts,ptp,and the ptxv2 is enough. Any advice would be of great help. Thank you all for your time.

Share this post


Link to post
StefanWAustin

Your question is not that easy to answer. Each certification has advantages and disadvantages. At the moment, we as customers can not pick a perfect matching certification. Penetration testing is massive, PTP will give you the basics to do your job. 

After taking the certification, you are still a baby but you know a lot as a solid basement. For actual life purposes, PTP will you prepare better than OSCP (PWK). You will learn to pivot, see proper environments and more. PTP has 6500 slides to learn but lacks in Active Directory, web application and Privilege Escalation. Add this three missing things before you apply for a job. If you pay for PTP you have 6 months’ time or with elite unlimited. You can learn much more compare to OSCP and it is stress free. Until now, I spend over 600 hours for PTP (and additional things) and I will take the exam in 6 weeks. 

OSCP is different, it has 750 slides, and the exam is a CTF exam with 5 single machines (no pivoting, no proper environment). Some people say that OSCP is easier than PTP, but it is stronger in Priv Esc and in using manual tools. You will miss out on many relevant skills for the first job, but OSCP is well known. If you have it, you will get interviews. OSCP(PWK) is a timed course, you pay for 30, 60 or 90 days and if you need more time, you pay more.

11 hours ago, robzxb1 said:

I'm really hoping that just taking the pen testing courses pts,ptp,and the ptxv2 is enough.

That is true to get a first job, but to work as pentester you have to add much more. PTX will add Active Directory and brand new things, but in 3 years, the knowledge is at least in some things outdated again.

If you look thru the job descriptions you see that web application is a requested skill, add it and know at least OWASP 10 things very well. PTP is not enough and I guess WAPT is an entry level cert and gives you a good foundation. Technically, you can learn web application for free, because the bug bounty program and OWASP is very active. OWASP juice shop is one excellent thing to start with web applications.

To become a penetration tester is very difficult. People are unique, but I will need 15 months’ full time studying to get ready for the first job. Every person has a unique background and different goals. Maybe you are much faster or slower.

Share this post


Link to post
robzxb1

Thank you for your advice and if you want another good course on active directory and privilege escalation with windows and Kali and web applications to help fill in the gaps I would advice  Heath Adams. His courses are great.

Share this post


Link to post
StefanWAustin

Yes TCMs courses are great. Yesterday he released the Linux Priv Esc course and I will do it. I did two of his udemy courses and watched some of his youtube videos.

Share this post


Link to post
robzxb1

yea i also purchase that course today well worth it but my issue is I think the best thing to do is past all three of the ecerts first then take his udemy classes i bought all three but I find it easier to do one thing at a time because it gets overwhelming with note taking and going back and forth.

Share this post


Link to post
StefanWAustin

If you do PTX first, you do not need the udemy courses, because PTX is much much higher than TCMs courses. It is good to have a structure; I did PTP until I did each lab at least one time, took 10 days off and did the udemy courses and now I am doing the PTP part again.

PTX is one of the most difficult pen test exams in the world... it is good to have more material to get a better point of view. 70% of the people fail their first try and PTX people are smart. I guess I need at least 800 hours study time to get the certification. PTX is a crazy difficult course... but it is good to have it.

Share this post


Link to post
robzxb1

Thank you . I'm gonna stick to the three courses from elearnsecurity to have a great foundation and then I'll check other courses to brush up on anything the course didn't teach.

Share this post


Link to post
StefanWAustin
1 hour ago, robzxb1 said:

to have a great foundation

PTX is hopefully more than a foundation. ;)

Share this post


Link to post
robzxb1

Also anyone know if having a back ground in knowing about server maintenance and support help out in the cyber security field?

Share this post


Link to post
StefanWAustin

Moving from a server admin to a cybersecurity specialist is a logical move. To "help out" you need a lot of knowledge.

 

Share this post


Link to post
robzxb1

Has anyone ever had this problem while installing seclists?did google research and found some videos but nothing to erase the package issue.

image.png.9d9f9553e6410ac5debd86ffe1061165.png

Share this post


Link to post
StefanWAustin

I never saw this error, but I think the error tells you to install / upgrade desktop-schemas. 

Share this post


Link to post
robzxb1

image.png.85161f0eb437573d8661d04e0d2bae9a.png

Tried but nothing ... started doing hack the box and I'm stuck on breaking into an ftp port 21 was hoping if I was able to use seclists if with hydra I that I might get a user name and password. Have a week left to take my exam again so I'm hoping hack the box can help on hands-on practice.

Share this post


Link to post
robzxb1

nothing ???? does anyone have advice? I'm MEAN IT  IS WHAT IT IS I HAVE MY LINUX COMPTIA AND MY NETWORK. AND CEH, BUT I FAILED THIS COURSE WHICH IS FINE BUT IM TAKING THE EAM SOON AND USING HACK THE BOX  AND HAD THE SAME PROBMEL WITH FTP 21 I'VE USED HYDRA AND NOTHING NCRACK AND  NOTING. DOES ANYONE HAVE A BETTER WAY LET ME KNOW IF NOT THAT'S FINE IF  NOT A BIG DEAL. DID HYDRA NOTHING. BUT WOULD BE GREAT IF ANYONE HAD SOME ADVICE.

V'

Share this post


Link to post
StefanWAustin
12 hours ago, robzxb1 said:

DOES ANYONE HAVE A BETTER WAY LET ME KNOW I

The error message indicates your problem.

Unable to locate package means: you have to add another repository. You have CEH (a $2,800 course), you should know how to do it.

I do not know more than you, I am a student.

Share this post


Link to post
robzxb1

Yea I figured it out already Thanks Sometimes Having a full-time job with a family and being in intel Divison sometimes the answer can be right in front of you. Thanks again.

  • Like 1

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×