OSWE Journey

First of all, I would like to thank you for being here to listen to me share my journey. Have a great day!

Overview

  1. The starting point
  2. The preparation
  3. The exam
  4. Some advice

I. The starting point

I am not a professional CTF player or someone with a lot of experience in bug bounty hunting. Therefore, this learning process will be challenging for someone like me who is new to it. However, you should still understand the root cause of a vulnerability, where it originates from, and what you can do with it before spending money on this course.

II. The preparation

Below are some links you should read as they introduce several modules covered in OSWE:

GitHub - wetw0rk/AWAE-PREP: This repository will serve as the “master” repo containing all trainings and tutorials done in preparation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by me and various courses.
OSWE/AWAE Preparation · Z-r0crypt
Security notes for learning and sharing

Most of the modules are open-source. We can find them online, but OffSec does an excellent job providing guidance on setting up the environment and enabling debugging.
In OSWE, they recommend using Python to write exploitation scripts. However, if you're proficient in another language, you can still use it. For example, I’m learning Golang, and I enjoy coding in Golang, so I chose it as my primary language for writing exploitation scripts.

GitHub - nxczje/sreq: simple request with workerpool

This is the package I use for writing scripts.

If you have good skills in reading and understanding code, you may not need to follow OffSec's guide. You can read the code yourself and look for bugs. You might even discover something interesting. Afterward, compare your findings with the guide to check if you've missed anything.
Within the modules, there will be questions that you must complete. There is no step-by-step guide, but if you can’t find the answer, seek help in OffSec's Discord community.
After the modules in the manual, there will be 3 labs that resemble the actual exam. Your task will be to achieve RCE. Try to complete one lab in a day. If you can’t get through, don’t get discouraged. Review where you went wrong and take note of feedback from Discord.

III. The exam

You will have a total of 4 machines for 2 source code reviews: 2 debugging machines and 2 machines to help you capture the flags.

💡 Compared to the learning environment, the debugging machines in the exam seem to be a bit slow. You should prepare a stable and fast internet connection if you plan to debug.

Make sure you understand the routing structure, handling, and authentication before diving deep into finding bugs.

You have 2 days for 2 machines and 1 day to write the report. You should maintain a proper routine for eating, sleeping, and resting. Avoid staying up too late, as it could lead to stress or unnecessary mistakes.

Make sure to take enough screenshots and run your exploitation scripts when the machine is reverted to ensure everything is working fine before you finish the exam.

IV. Some advice

This is a great course, but you should also consider the CWEE (HackTheBox) course, as its course material and exam cover newer concepts such as JWT and OAuth, and combine both black-box and white-box testing.

HTB Certified Web Exploitation Expert
HTB Certified Web Exploitation Expert Certificate