I didn't blog much last month, as I have been researching and studying hard.
Anyway, I am pleased to announce that I have passed the Offensive Security Certified Expert exam (OSCE), which is the certification for the "Cracking The Perimeter" course I took earlier this year.
This is a monster 48 hour exam (+24 hours for documentation). It covers techniques such as advanced web attacks, vulnerability discovery, exploit development, custom payload creation, detection avoidance, and advanced network attacks.
It's pretty specialized stuff (you have to pass a hacking challenge to even register for the course, and trust me, if you can't pass that challenge, you are definitely not ready ;o)
The CTP course was great, though I would say that anyone attempting the OCSE certification needs to do a lot of extra practice and study, to get to the level where they can creatively and confidently exploit various different types of systems and applications (especially some exploit-development research) before they take the exam.
It's definitely one of the most challenging certifications I have done (I have done quite a few recently) - and I feel that my skill levels have shot up as a result.
My next plans are
1) Continuing my research project
2) Taking the GWAPT exam
3) Crest CHECK Certification (which seems to be very important for pen-testing jobs in the UK)