So time is now ticking down till the start of the PWK course. Looking forward to it. I have also been trying to get to grips with this whole blogging thing. Its forcing me to be very organised with my time and notes. I am currently working on a large git repo with a bunch of information in which I will add to as I go. So hopefully once I’m done that will prove useful to someone.
First prep week has been great. Been hitting hack the box this week a fair bit, managed to get 3 boxes. SwagShop, Luke and writeup, the low hanging fruit boxes so to speak, so next weeks boxes should be a bit more difficult. I have also worked through around 6 old boxes. I try to complete these without any writeups. If I get stuck I will flick over to ippsec, if he has a video for that box, get a quick nudge on the required tool or route and attempt to complete without further assistance. I am now keeping detailed notes and screenshots of every box along with throwing together a few basic scripts to generate folders and files for each box off the back of the initial nmap scan. I’m Trying to just make organisation and documentation of target information second nature, as I expect with the labs to be quite overloaded with information and targets, so trying to avoid getting swamped is a priority for me. Going from a 1 to 1 environment into a sprawling lab with, from what I gather, little direction will be a bit of culture shock I think.
I will have writeup posts prepared for all the current boxes I complete on HTB as they get retired now I will be posting them, so keep an eye out for that if your interested. Trying to target what I found and missed on each of the boxes rather than just a quick blow by blow, of one liners to completion, as I find that helps me spot patterns and hammer those new things I find into my brain.
I have also done a horrendous death by shitty colours map / plan of my prep time. Gives you a bit of an insight into what I’m doing in terms of prep work.
With the python revision I’m working with the books violent python and Black Hat Python: Python Programming for Hackers and Pentesters. Both books are great I would highly recommend them. I am working through some of the more interesting code snippets, I am then re writing them in python3 as both books are python2. This is giving me a very good idea of how and what each script is doing as I go through and fix error’s and try to update sections with new modules or ways of doing things. Its good fun. If a little frustrating at times. I am not the fastest coder and re writing things can be a pain. However a combination of writing these in 2 and converting them to 3 has been really helpful for getting things to stick in my brain and really really understand what is happening line by line.
I have outlined above my study plans for the weeks so far except for week 3. I will update that with what I feel I need to work on more, I will probably fill the weekend before starting with a bit more social time as well, before I lock myself away for 2 months.
Onto week 2. Times a ticking.