Switching Gears

1 minute read


As I take a sip of my coffee and fire up my vms for another day of windows exploit development I receive a link…

I am towards the end of the CTP material and have a plan to prepare for my upcoming exam, for the better part of six months I have been learning assembly, shellcoding and exploit development techniques to prime me for the OSCE exam.

There was a very recent announcement by Offsec that the CTP course (and essentially) the certification will be RETIRED and replaced with a new, renamed certification that will require the completion of three courses (GG wallet) including the Advanced Web Attacks and Exploitation and two other as-yet unreleased courses which will cover Advanced Penetration testing and Windows exploit development.


After reading through this and considering my options I have decided to complete my last two modules and head straight for the AWAE. Why? because as much as I would love to earn an OSCE, a legacy certification simply does not appeal to me and I have had much of my motivation sapped with this news.

This puts me in an interesting position, as the last 6 or so months have been spent preparing for entirely different subject matter, and I now have to switch gears to hard Web Exploitation.

I have accumulated enough knowledge and notes that by the time the new courses roll out I should be in a good position to power through the material (I hope), but for now I need to get B-U-S-Y as I have a lot of new information to cram into my brain.

Starting with this: https://github.com/wetw0rk/AWAE-PREP and this: https://klezvirus.github.io/HTB_VulnHub_an_OSWE_approach/

See yall on the other side as a (whatever-the-new-cert-will-be-called)