The Hacker's Cache

#10 Breaking into Cybersecurity: Tips from a Pro ft. Jake Mayhew

Kyser Clark - Cybersecurity Episode 11

In this conversation, Kyser Clark interviews Jake Mayhew, a senior penetration tester, about his background and experiences in cybersecurity. They discuss the importance of internships, the value of creating a home lab, and the benefits of networking at local conferences and meetups. Jake also shares advice for job seekers, including the significance of standing out through proactive actions like writing reports and asking questions. Jake Mayhew and Kyser Clark discuss their favorite hacker movies and shows, as well as their experiences with different hacking certifications. They also explore the challenges of pursuing higher-level certifications and offer advice for those entering the cybersecurity field. The conversation concludes with a discussion on the importance of perseverance and community involvement in the job search process.

Connect with Jake Mayhew: https://www.linkedin.com/in/jake-mayhew-osce-oscp/

Takeaways

  • Internships can be a valuable way to gain experience and get your foot in the door in the cybersecurity field.
  • Creating a home lab and actively using it to learn and practice cybersecurity skills can demonstrate your passion and dedication to potential employers.
  • Attending local conferences and meetups can provide opportunities for networking and building relationships with professionals in the industry.
  • Proactively standing out in the job search process, such as by writing reports or asking questions, can make a candidate more memorable and increase their chances of getting hired.
  • Continuous learning and pursuing certifications can help job seekers demonstrate their commitment to improving their skills and staying up-to-date in the field. 
  • The OSCP certification is highly regarded and a good starting point for those interested in network penetration testing.
  • Higher-level certifications like OSEP, OSWE, and OSED require a deeper understanding of specific topics and may be more challenging.
  • Real-world experience and practical application of skills are crucial for success in advanced certifications.
  • Perseverance is key in the job search process, as rejection is common in the cybersecurity field.
  • Getting involved in the cybersecurity community can provide valuable networking opportunities and support.

Connect
---------------------------------------------------
https://www.KyserClark.com
https://www.KyserClark.com/Newsletter
https://youtube.com/KyserClark
https://www.linkedin.com/in/KyserClark
https://www.twitter.com/KyserClark
https://www.instagram/KyserClark
https://facebook.com/CyberKyser
https://twitch.tv/KyserClark_Cybersecurity
https://www.tiktok.com/@kyserclark
https://discord.gg/ZPQYdBV9YY


Music by Karl Casey @ White Bat Audio

Attention viewers/Listeners: This content is strictly for educational purposes, emphasizing ETHICAL and LEGAL hacking only. I do not, and will NEVER, condone the act of illegally hacking into computer systems and networks for any reason. My goal is to foster cybersecurity awareness and responsible digital behavior. Please behave responsibly and adhere to legal and ethical standards in your use of this information.

The postings on this site are my own and may not represent the positions of ...

[Jake Mayhew] (0:00 - 0:18)

It's a difficult realm for getting hired these days. If you're listening to this and you're like, man, I filled out 100 resumes or, you know, job applications and send out my resumes to all these people. It is hard.

 

It's not just you. It's where the industry is at the moment, unfortunately, where the economy is in the moment as well.

 

[Kyser Clark] (0:18 - 2:52)

You know, I was getting out of the military and I got rejected several times and it's just going to happen. The best thing you can do is just pick yourself up and keep going. If someone's going to give you a chance, you just gotta don't give up because if you give up, it will never happen.

 

Hi, I'm Kyser Clark and welcome to The Hacker's Cache, the show that decrypts the secrets of offensive security one bite at a time. Every week, I invite you into the world of ethical hacking by interviewing leading offensive security practitioners. If you are a penetration tester, bug bounty hunter, red teamer or blue teamer who wants to better understand the modern hacker mindset, whether you are new or experienced, this show is for you.

 

Hello, hello. Welcome to The Hacker's Cache. My name is Kyser Clark.

 

If you don't know who I am, I am a cybersecurity professional. I currently work as a penetration tester. I've been in the field for six years now.

 

I have total certifications, a bachelor's degree in cybersecurity, and I'm currently working on a master's degree in cybersecurity. Today, I have Jake Mayhew, who is a senior penetration tester. So he started out in threat intelligence and incident response internship, did that for about eight months, then moved on to cyber risk management, Linux system administration, network engineering and red teaming.

 

He did that for about two years and then moved on to a full time red teaming and penetration testing for various organizations and has been doing that for over five years. And like I said, currently working as a senior offense security analyst and doing offset course instruction on the side. For education, Jake has a bachelor's of science in cyber forensic and information security.

 

And for certifications, this is a long list. So get ready for it. The offset web expert, that's the OSWE, the offset exploit developer, that's the OSED, the offset experience penetration tester, that's the OSEP.

 

And if you take all those and add them up, it's the offset certified expert three, so that's the OSCE3, the granddaddy of all offset certs. He also has the offset certified expert, that's the original offset certified expert. And that certification is actually no longer available to obtain.

 

And he has the offset certified professional, that's the OSCP, the zero point security certified red team operator, that's the CRTO, offset defense analyst, that's the OSDA. He's also an authorized offset instructor for pen 100 and pen 200, that's the OSIB certification. And last but not least, he has the Microsoft certified Azure fundamentals.

 

So Jake, thank you so much for taking your time and doing this with me. Go ahead and unpack some of your experience and walk me through your background and introduce yourself to the audience.

 

[Jake Mayhew] (2:53 - 9:22)

Yeah, absolutely. Well, Kyser, thanks so much for having me on the podcast. We're officially colleagues now through ATA and the instructions.

 

That's pretty cool. You summarized well my experience. Obviously, I'm an offset junkie.

 

I really, I'm always coming back for more pain and torture with offset. And I'm taking the advanced Windows exploitation and not a black hat, but in London in September. So that's going to be like the hubba hubbas of my offset experience.

 

I hear that's the hardest one. So we'll see how that goes. But yeah, I am really enjoying my journey through kind of the trainings, basically.

 

But I love how it filters into my everyday and how I can pursue a deeper technical experience and have that feed into the training and the training feed back into my everyday on the job training and everything. But anyways, yeah, so I started in college. I did an internship at Mylan.

 

It's no longer Mylan, but I was on their data protection team, their threat intelligence team. And I did a lot of work with phishing. We're going to work with DLP, but that didn't, contracts between, like with the enterprise contracts weren't in place for my time there.

 

So I ended up moving towards phishing and did a lot of phishing analysis and kind of built out a tool to detect potential phishing mail and stuff like that from the logs. And that was a lot of fun. It was a really good experience.

 

And I always highly recommend anybody who's in school to pursue internships as early as possible, because that's really how you get your foot in the door. Uh, if you're, you know, in, in, in college at this point, but anyways, after that Mylan was going through hard times and, uh, so they couldn't hire me. So I ended up being hired in a leadership development program, which is also something that I recommend, um, people look for because a lot of companies offer them where they're essentially rotation programs where you go through six months, um, usually two years, a year, depending on the company.

 

And you take six months stints on different teams. And so the company I was hired at, I did that. And actually my current company does that as well.

 

And I find it's a fantastic experience for people coming out of school. And especially if you're interested in something like offensive security, um, you can find a company that offers information security rotation programs, and you can get experience in different realms of, of the industry without committing to a full job in that area. So for instance, I was able to do some Linux system administration, some network administration and risk management, et cetera.

 

And then during that time I passed my OCP and, uh, I really wanted to work on their red team, which they didn't officially have. And so I moved to their vulnerability management team and help them kind of build out the red team, basically. Then unfortunately my, my boss left at the end of that, at the end of my, my development program there.

 

And I had gotten an offer through participating in our local B-sides. I went and tried the CTF there and ended up meeting a lot of people. And, uh, through that, I ended up getting a job offer at CISO, um, a local Pittsburgh consulting company who I, um, still do some work for and work with, and I have a really great relationship with them.

 

Um, they're, they're fantastic consulting company. And so I, I worked on their red team for a year or two and, uh, really, really enjoyed that, that fantastic people there, like I said, and, um, but you know, my time there was, was kind of, um, came to an end. And then I went to PSC, which is a part of NCC group, which is based out of, out of England, but it's a global company.

 

And so they have a bunch of different offices in the U S. And so I, I did kind of PCI focused pen testing there, but it was, you know, basically like red team engagements that were shorter, obviously, you know, they were like a week or two long and they were focused on trying to kind of break from one environment, break access into a segmented cardholder data environment where the, the payment card data is stored. So that was a lot of fun, learned a lot, but, uh, that one, again, uh, the, the time was up on that one.

 

And I ended up moving back from consulting into, um, my current company, which was a competitor of, of the company that it did. The development program ended up working on their vulnerability management team and worked a lot on their penetration testing activities and so forth, and pretty much did all their offensive security stuff. Cause that's what I really liked, even though it was more of a vulnerability management role in title, I ended up breaking into or breaking out from that team and kind of starting an offensive security team there.

 

And then that became official a year and a half ago or so. And then we really last year hired Ryan Dobb, who you, you had on recently, and he's been working with us ever since. And he's been an awesome addition to the team.

 

So it's, it's me and him. And, uh, we take on the world on an internal red team, which has been a lot of fun. And then last year around earlier on in the year, I was, I was pursuing these offset certs, you know, all throughout this journey.

 

And my, the, the rep from offset was like, Oh, would you ever want to teach? And we have this company ATA who's, um, they're, they're teaching offensive security courses. And you know, cause we were talking about like how I was approaching some of the courses and he kind of threw that bug in my ear and I was like, yeah, sure.

 

So I ended up starting to teach offset courses on the side and I've really enjoyed that. I've taught the, the pen 200 course, maybe four or five times. And at this point, and we're going to teach it at black hat USA this year in a couple of weeks in August, which is going to be a lot of fun.

 

And, um, I also helped them build out kind of like a custom port of the EXP 301 or the OCD course earlier this year. And, uh, we, we taught that for, for a client and that was awesome. Uh, it was a lot of fun.

 

So yeah. Yeah. And I'm helping them kind of build out their pen 300 content as well for an instructor led training for that.

 

So yeah, lots of fun. It's kind of where I, where I am at the moment.

 

[Kyser Clark] (9:23 - 10:24)

What an incredible journey it's a, yeah, there's a lot of experience in there and thanks for unpacking all that. And you're telling your story because, um, especially when you're talking about, you know, internships, because that is how a lot of people would get jobs. And that's probably the best way to get into a position.

 

Um, right now I would say, cause it was a little harder to find jobs right now. We've had a few people on this show already who have said that they got their first job through internships. So that's definitely one of the better ways to get into the field.

 

Speaking of Ryan Dobbs. So episode number seven, that was only like what, three episodes ago, we had him on the show and he mentioned you a few times. He didn't mention you by name.

 

The main takeaway I took away from his episode. And that's the reason why I put the, that clip at the beginning of his episode was how he uploaded his pentest report to the application. Cause the title of the episode is thinking outside the box of laying your first pentesting job.

 

And that was a big takeaway for me. And I'm kind of curious, I'm like hearing like your perspective on the, from the hiring point, from seeing that come in.

 

[Jake Mayhew] (10:24 - 13:42)

Yeah. When you had mentioned that you had Ryan Dob on, I usually think of that experience with him in hiring and how he stood out. And, I've, I've mentioned that a number of times towards job seekers, people are having a little bit of tough time and they're looking for tips.

 

He was very proactive in expressing his interest and his skillset. And he just went an extra mile and that really caused him to stand out amongst the top, you know, four or five applicants that we had. And the main thing was through him providing like a pentest report of his home lab and stuff like that.

 

You know, I, I, we didn't have any other applicants that did something like that. You know, we interviewed a number of other people and they had really great resumes, but it just, it wasn't a good fit. And we were in an interesting spot because we work for an internal team.

 

It's not a consulting, like a smaller boutique consulting company or anything like that. So we're subject to HR's rules and we had to play there by the rule set. So we weren't allowed to offer a challenge or any like technical competency, competency tests.

 

We just had to do our phone screenings, interview, you know, one or two interviews and then make a decision. And so him proactively sending us like essentially a technical challenge that I would have given him really helped him stand out. And then he did a fantastic job in the interview and he was able to intelligently answer the questions and even the stuff he was a little bit, you know, uncomfortable with and, you know, where I was kind of pushing to see what the limits were.

 

He did a really good job handling the pressure and also speaking to what he could speak to in each thing. And I generally try to push the limits of like, okay, tell me how much you know about DNS or, you know, tell me how much you know about, you know, the TLS handshake or, you know, something like that. And just if they don't know much about it, that's totally fine, but I just kind of want to push the limits and see how they respond.

 

And he did a really great job with that. But I definitely recommend that if you are in your job search journey and you're having a tough time, first of all, set up a home lab. This is what Dob did.

 

We have a couple of Ryans on our team, so I always refer to them as Dob. So he set up a home lab and he researched a bunch of penetration testing techniques and, you know, he was doing some trainings and stuff. And he was actually taking this content that he was learning and he was applying it in his home lab.

 

And then he went a step further and actually wrote a report as if, you know, he was actually presenting it to a client. And so that was just really tip of the scales for us to hire him and he's been phenomenal ever since. So I hope that encourages those of you who are still in your journey or you're wondering who, how you can stand out and you're like, oh, I don't have these certifications or I don't have this or that.

 

There are other ways that you can stand out and there are people who want to take chances on folks who have a lot of potential, but might not have all of the experience or training. So there are people out there. So don't, don't give up.

 

[Kyser Clark] (13:42 - 13:51)

You said home lab. So do you think the same effect could be accomplished if someone just did a report on like a hack the box machine or like a try hack me room?

 

[Jake Mayhew] (13:51 - 15:04)

Absolutely. Yeah. Yeah.

 

So if you, for instance, me, I actually don't use, I don't have a home lab. I mean, I have, I do have a home lab in one sense, but I don't have like what Ryan had built. I usually use my training platforms or hack the box, you know, something like that, um, to cut my teeth on whatever I'm studying or preparing for.

 

So if that's not something you have the bandwidth or the resources to be able to, you know, buy a system that has enough resources to run a whole lab or something like that, you can absolutely just like, you know, throw up a medium blog and just write how to walk through a certain system and hack the box or the offset PG play or, um, try, try hack me or whatever your platform of choice is. And just share, share with the world how you're learning and take them along with your journey. And then that's something that hiring managers can look at and they can get a chance even before meeting you of what your technical competencies are like, Oh, this person knows how to run an end map scan and knows how to exploit a SQL injection manually and knows how to, um, these different classes of vulnerabilities because they've shown up in their, um, their reports or rather their blog posts.

 

[Kyser Clark] (15:04 - 15:55)

And in that case, for me, when I was, you know, applying, I wrote up two tracking rooms and I wrote up two Hank, the box machines. And I think I have like 10 ish, maybe 15 ish, uh, Hank, the box walkthroughs on YouTube. And I think on, on my resume, I would put like, you know, YouTube channel blog, but like, you know, maybe they're not looking at them, you know, maybe, maybe if I would've just took the PDF and upload it to the report, then they would actually saw it more, you know what I mean?

 

I just assumed that like, if I wrote a YouTuber and, and, uh, um, blog, they would just automatically check it out. So, you know, actually uploading it to, to the report and not just letting it sit on the internet and hope they find it. Um, that's, that's like next level advice in my opinion.

 

So, um, it's good that he, that he thought of that. Cause have you ever heard of that before? Like, um, at all?

 

[Jake Mayhew] (15:55 - 16:04)

Cause I know I've never seen anybody do that, but you know, that's kind of why it stood out. So I'm sure hopefully people will start doing that more often and cause it will bear fruit.

 

[Kyser Clark] (16:05 - 16:14)

What is some like really good advice that someone could apply as well? That's not like the general advice. Do you have any other like secret tips to success when it comes to searching for a job?

 

[Jake Mayhew] (16:14 - 20:33)

Yeah. Yeah. So, um, I did write a blog post about people who in college for something like cybersecurity or computer science, and they want to move into the field.

 

And what I think you're, you're getting at is, is I tend to have three or four things that I recommend to people. Uh, the first is what we already covered, which is a home lab and everybody that's, that's a pretty standard, um, recommendation. Usually if somebody's like, Oh, I'm looking for a job, then somebody kind of on the more experienced end, we'll be like, well, you have a home lab, right?

 

You know, if you don't have a home lab, don't expect to get a job, at least in a technical cybersecurity, um, role, I'm sure are pretty common, but, but for me, I like to mention are going to local conferences and local meetups and so forth. I touched on this before, but when I was, um, but my first consulting job I got through going to besides, um, I'm from the Pittsburgh area. So I went to besides Pittsburgh and they had to capture the flag competition.

 

And I'm like, well, I'm not going to get anywhere in this capture the flag competition, but I want to join it because I want to see what it's all about. And at that year was at this venue that had an abandoned school bus. And we were all in this abandoned school bus hacking away and they had, you know, access point there.

 

And it was, it was a lot of fun. And I ended up getting to know other people in the industry and, uh, I didn't do phenomenally well, but I think people noticed that I was there and that I was, you know, interested enough to be involved in the community and also just going for a CTF and just trying it that those are the things that kind of stand out. A lot of people are looking for that passion and that, that desire to just be involved and just, just get exposure to, um, different experiences, um, on the technical side of things.

 

So through that, I was able to, um, forge some relationships. And then, um, as a, as a result of that, we called it the hack bus. Um, you know, we had like the Slack channel and, but I was just on there.

 

I was just asking questions. I was, I was going through my office, the old OSCE at the time. And so I was just on there.

 

I was like, Hey, can I have some tips? Or, you know, I have these questions, like, I don't know how this is working. I can't get this exploit to work.

 

You know, there's different things. And, um, the guy was like, Hey, you are asking really good questions. Do you want a job?

 

And I'm like, sure. Okay. I'll talk about this.

 

And so that was really cool. And I definitely recommend people do that because those are the type of things that stand out. If you're asking questions, people notice, and if they're, you might think they're, I always thought they were dumb questions that I was asking.

 

I always thought I was like pestering people, but for some reason that just kind of, it shows where you are. It shows what you're working on. It shows what your projects are.

 

Hey, if you're asking a question about Windows exploitation, people know what you're working on and they know that you are exploring these different topics and the level of depth that you're at. And at times they can, they might see potential. So I highly recommend people getting involved in like a local B-sides conference.

 

Many bigger cities have a B-sides these days, but also a lot have other like weekly, monthly, bi-monthly meetups that the local cybersecurity community gets together and somebody presents on something. At a high level, what we're talking about is networking. And, you know, it's really the big things, but these are some practical outworkings because people will say, oh, well, you got a network, but this is what it looks like in my life and what I typically recommend for, for other folks.

 

Then the other thing is, is to get certified, pursue something. Don't just sit where you are and expect to get hired somewhere and then have them develop you work on it now. And it doesn't have to be an offset cert.

 

I know that's, you know, what I've targeted for a long time, but there's a lot of resources. There's like the hack the box certs that are a lot cheaper, but in some instances they're, they're better, or at least as good as some of the other ones. And there's just a lot more resources.

 

There's try hack me, there's just the hack the box labs and all that kind of stuff where you can just continually cut your teeth. And that's what people want to want to see is like, is this person continuously learning? Are they continually going back to how they can improve their skillset, something new that they can learn.

 

And those are the types of things that really stand out on resumes.

 

[Kyser Clark] (20:34 - 21:05)

Great. Yeah. Thanks for explaining that.

 

And yeah, local meetups is something I actually haven't done yet. And I was actually, you know, I finally got into a position where I could get in some local meetups and I'm in Alaska and there's like not a lot up here, so it's very unfortunate. So let's go ahead and get our rapid fire questions Okay.

 

So for the new listeners, Jake will have 30 seconds to answer five questions. If he answers five questions in 30 seconds, he's going to get a bonus six question, not related to cybersecurity. Time will start when I stop asking the first question.

 

Are you ready?

 

[Jake Mayhew] (21:06 - 21:06)

All right, I'm ready.

 

[Kyser Clark] (21:07 - 21:09)

What is the most unique device that you have ever hacked?

 

[Jake Mayhew] (21:14 - 21:17)

A sponge counter medical device.

 

[Kyser Clark] (21:18 - 21:22)

Favorite hacking tool. Nmap.

 

[Jake Mayhew] (21:22 - 21:23)

And Google.

 

[Kyser Clark] (21:24 - 21:27)

Favorite hacker movie slash so slash game.

 

[Jake Mayhew] (21:29 - 21:31)

Ooh, sneakers.

 

[Kyser Clark] (21:33 - 21:35)

Favorite hacking certification.

 

[Jake Mayhew] (21:36 - 21:38)

I'll go with OSCP.

 

[Kyser Clark] (21:39 - 21:42)

What color font is your terminal?

 

[Jake Mayhew] (21:43 - 21:44)

You see that console?

 

[Kyser Clark] (21:44 - 21:53)

Okay, that was a little over 30 seconds. That was actually about 36. Let's talk about your favorite hacker movie slash show.

 

So sneakers that show or movie?

 

[Jake Mayhew] (21:53 - 22:36)

It's a movie. It was from two. Honestly, it's the only one that I could think of.

 

So I haven't seen is there just like, just a movie just just called hackers, right? Um, I haven't seen that. I started it at one point, I think.

 

But I never never finished it. Really, the the only one that I could think of was sneakers, which is with Robert Redford. And they show him kind of breaking into a bank at the beginning.

 

Now it's like 90s computer. I kind of like the old retro hacking kind of style and everything like that. So it's an it's an older movie at this point.

 

But yeah, it's it's it's it's an enjoyable flick.

 

[Kyser Clark] (22:37 - 23:06)

Yeah, I honestly have never watched a hacker movie. I am not a movie person. I just don't watch a lot of movies.

 

I disappoint all my friends, colleagues, all the time. They're like, you haven't seen that movie? I'm like, Nope.

 

And people get so mad at me. And it's just I haven't. So I haven't watched sneakers.

 

And I heard I've heard about it. I've known so I might get to it one day. However, so if I was asked that question, I would say Mr. Robot. So I have actually watched Mr. Robot, one of the few shows where I've watched every episode from beginning to end.

 

[Jake Mayhew] (23:06 - 23:08)

Okay, I hear it's very realistic.

 

[Kyser Clark] (23:08 - 23:28)

Everything in that show was very plausible. And very in the you know, you can see the terminal and you see like, hey, Kali Linux. And you're like, Oh, like, I know that command.

 

You know, it's like, yeah, cool stuff like that. I don't know. I thought the ending was a little rough.

 

And I didn't really like the mega use of drugs. But other than that, the hacking was good. It was good.

 

[Jake Mayhew] (23:28 - 23:30)

Yeah, cool. Yeah, I've heard that.

 

[Kyser Clark] (23:30 - 24:27)

He said, ask questions about what you're working on. So the thing that I'm working on, I OSCE 3, that's one of the things I would like to get. And obviously, you gotta have three certs to do that.

 

And I've actually dabbled in the pen 300 course. And I'm not gonna lie, I've struggled with that pen 300 course. And I passed OSCP on my first try OSCP.

 

It was hard, but it wasn't. I didn't fail a bunch of times like a lot of some people do. And, you know, I thought OSCP like everything that was being taught was it was just, it made a lot of sense to me.

 

But then moving on to pen 300. It was like a whole nother level. So my question is, you know, someone like me who has OSCP, and they're trying to get the OSCP or another one of those 300 level certifications.

 

Can they use the same techniques and the same training method to get this high level? Or do they need to like engage like another level of thinking or take the course a different approach a course differently? What do you think about that?

 

[Jake Mayhew] (24:28 - 29:56)

Yeah, so that's a good question. And I wouldn't say I had to do too much different. And I'll actually say that for me, when I took on the OSCP, I failed it twice.

 

For those of you that have failed it, I failed it twice. Because I started from zero. Like, I, I was just like, I want to do this for a living.

 

I think it's really cool. I never thought that I could do something bad for a good cause. You know, like, I didn't know I could hack into something for good and that be legal and cool and actually help people.

 

So I was like, I want to do this. And I saw the OSCP, I saw the challenge of it. It was definitely the apex predator at the time when I took it, as far as pen testing certs.

 

And so when I started with that, I really had very few, very little technical knowledge and even less experience, actual practical experience. So I would like find a couple blogs of like, okay, hacking WPA2, or, you know, something like that. And I would try to follow those through, follow through with those.

 

But I just dove in, I just like jump ahead, headfirst in. And, you know, I was up to like 2am, you know, learning about Linux and different file permissions for exploiting, you know, local privilege escalation vectors and all that kind of stuff. So I had to work really, really hard.

 

And just a quick tip, I mentioned that I failed it twice. I always recommend, just take it. If you're in the process for any of these exams, just take it.

 

Even if you don't think you'll pass, take the exam anyway, because you'll gain just as much experience taking the exam as, you know, spending a week studying or something, because it will help you get familiar with the exam environment, it will help you understand what level of challenge it is, and it will help you see where your weaknesses are. And then you can feed that into your training. But this is my roundabout way of saying I had to work really hard for OSCP.

 

And then I started working in the industry and picking up a lot other skills where the other ones were very challenging. But I didn't, I had a much better foundation at that point. And so I could draw upon these other experiences and skill sets that I had to work for.

 

So it was definitely a different, for my personal journey, it was a lot different in that I had experience that I could draw on for those three, you know, higher level ones versus OSCP where I had nothing. And it was kind of like struggling in the dark, you know, for me, especially at the beginning there. So as far as OSEP, OSEP is, I find it's a very valuable and great certification, it's a fantastic next step if your goal is to do network penetration testing.

 

I would also pair that with the CRTO for a non-offset cert because it's more red team focused and PEN300 is specifically penetration testing focused. But they're not advanced, neither of those are advanced. They don't really touch EDR evasion.

 

It's really kind of old school AV, especially for the PEN300. And so as we're developing content for the ATA course, we're actually covering more EDR and stuff because there's not a PEN test I've been on in the past couple years that hasn't had any EDR that I've had to fight. So yeah, definitely becoming the common target there.

 

But anyways, more to your question to try to bring this back to what you were saying. I found with the PEN300 material, if you go through all of the content and you start building your tool sets as you're going through it, by the time you hit the end, if you go through the labs, you'll do fine on the exam. I actually found that the PEN300 exam was one of the easier ones, but that also came from my perspective of I had been doing network PEN tests for three or four years at that point.

 

So it was a lot more second nature. The harder one for me was the OSWE because I was not a developer. There was a lot of code to review.

 

You had to debug different development environments. That one I had to work a lot harder for, but it was very rewarding. And then with OSED, that one also was a little bit different of a situation because I had to work really hard to pursue the OSCE, the old OSCE that covered a lot of binary exploitation.

 

And so most, I'd say about 80% of the topics in OSED were covered in the old OSCE, if that makes sense. So because I had to work so hard for that, again, that was kind of similar to the OSCP where I didn't know anything about low-level Windows binary exploitation or user mode exploit development or anything like that. I had to work very hard at that.

 

So by the time I got to OSED, the muscle memory had already been established for a lot of that. So yeah, I don't know if that helps or if that really answers your question or if you have any follow-ups on that. I know I jumped around a bit there.

 

[Kyser Clark] (29:57 - 31:03)

Yeah. So I mean, like you said, you said you did some more network penetration testing. So maybe for me, maybe I just need to be in the field a little bit more and do some real-world PEN tests, and then I can kind of put it all together.

 

Because I went through the PEN 300 twice, and I went to the first challenge, and I got the first flag. And then after that, I was like, I have no idea what I'm doing here. Yeah, it's definitely hard.

 

And like you said, I think that's good advice too, taking the exam, even if you're not all that ready for it. I'm currently working on OSWA, so I paused the PEN 300 and I started working on OSWA, and I've actually failed that one twice now. I guess the OSWA, when I went through that course, made a lot of sense to me.

 

And I almost passed. I just barely missed it. But the PEN 300, I was like, man, I feel like there's a lot of things I'm not...

 

I'm accumulating knowledges, but I don't know how to connect the dots. And that's the struggle I'm having, is connecting the dots and when to look for what. I'll figure it out eventually.

 

But yeah, maybe it's just I need to do more network PEN tests. And maybe that's the answer to that question.

 

[Jake Mayhew] (31:03 - 32:32)

Yeah, gaining a level of comfort in that realm will definitely, as you continue, especially in this new role, congrats on the new job, by the way, as you're doing more network PEN tests, you'll come across things that you'll have to dig deeper into, and then it will kind of naturally come through you challenging yourself in that way. But also, as far as the prep work, I highly recommend using the Discord. There's no shame in asking.

 

I always ask questions. I would kind of push and see how far they would let you ask questions and stuff like that. Because there was definitely situations where I was like, oh, I don't know where to go with this.

 

I don't know where to go with this challenge or whatever. The fifth challenge, I recently did that. If you want to target it, you're welcome to ask me some questions or bounce some ideas off of that.

 

But the fifth challenge is pretty close to what the exam looks like, fifth in the six challenges. And I felt like it was fairly straightforward. Some of it is actually kind of OCP level, and then there's like harder portions of it that really test the PEN 300 level topics, you know, with like Kerberos on Linux and things like that, and AV evasion, all that kind of stuff.

 

So yeah, I'm happy to help you if you have any specific questions. I won't give away any any secrets, but I'm happy to bounce some ideas if you need that.

 

[Kyser Clark] (32:32 - 33:21)

Okay, yeah, I probably will take you up on that when I pass OSWA and go back to PEN 300, because that's where I'm going to go back as soon as I get through OSWA. Hopefully, I'll probably just go through the course again for a third time and then like make better notes and try to connect the dots better. And then yeah, if I have a question, I'll definitely reach out.

 

And like you said, the Discord, there's no shame in using Discord, because, you know, I have tons of questions in that Discord from the PEN 300, because there's, yeah, it was hard. And I also ask questions for the OSCP as well. And even OSWA, I ask questions in there all the time.

 

Definitely try your hardest at first and then, you know, have a list of things that you've tried, because that's the first thing they're going to ask you. What did you try? And then if you don't have a list of things that you've tried, then they're not going to help you.

 

[Jake Mayhew] (33:22 - 34:58)

For sure. Yeah, yeah. I've heard different, I've gotten different responses when I've talked to people who've done at least two or three of those 300 level courses.

 

Some people are like OSEP was the hardest one, bar none, you know. OSWE was the easiest one. And then other people are like, you know, OSED was just like the worst, because I've never written an exploit before, you know, like stuff like that.

 

So it really depends on what your background is. And if you do web app tests and you have a development background or something, OSWE is probably going to be a relatively speaking, no, no offset exams, it's going to be a cakewalk, but you know, relatively speaking, that might be easier. And then the OSEP or something might be really difficult.

 

But just personally for me, the other thing I wanted to say is that it's a pretty common story with those who are going through OSCP as well is, hey, I went through all this content, it all made sense, but then you hit the labs and it's like, I don't know how to put all these things together. And that's one thing that I really love helping students with when I teach the course as well is like, okay, now we're going to take all these and we're going to put them all together. And we're going to learn how to do this in the context of a test in this greater environment, rather than just looking at this one particular technique of SQL injection or whatever, we're going to see how it fits in to this target environment in, you know, by proxy, the exam as well.

 

So yeah, it's definitely a different skill set once you get to the actual challenges and everything.

 

[Kyser Clark] (34:59 - 35:34)

Yeah. And I think I want to add into another thing you said, depends on your background, you know, depends on, you know, how much or how low you're going to struggle in each course. But I also think it also depends on like, you know, what do you got going on in your life too?

 

So when you said that, I was thinking, I was like, oh, when I was going through OSEP, I was actually doing a military transition, which is like one of the hardest things you can actually do. And so maybe that played a part in it. Maybe, you know, now that I'm settled in my role, and I can focus on just the certification more.

 

So yeah, that definitely probably played a factor too, for sure.

 

[Jake Mayhew] (35:34 - 35:35)

Yeah, for sure.

 

[Kyser Clark] (35:35 - 35:41)

All right. So unfortunately, we are already out of time, man. This has been a lot of good information.

 

And so I'm gonna ask you the final question.

 

[Jake Mayhew] (35:42 - 35:42)

Okay.

 

[Kyser Clark] (35:42 - 35:46)

Do you have any additional cybersecurity hot takes or hidden wisdom you'd like to share?

 

[Jake Mayhew] (35:46 - 36:44)

My hot take is it's, it's a difficult realm for, for getting hired these days. So don't feel bad and don't give up. If you're listening to this and you're like, man, I filled out a hundred resumes or, you know, job applications and send out my resumes to all these, it is hard.

 

It's not just you. It's, it's, it's where the industry is at the moment, unfortunately, where the economy is in the moment as well. And so don't feel bad, but also don't give up.

 

And there are people that are willing to, to, to give you a shot. And there are people that are looking for passion and interest just as much as technical skills and ability. So keep your eye out and get involved in the community and you'll see something materialize, but also be patient, but don't give up.

 

It's more encouragement than tips.

 

[Kyser Clark] (36:47 - 37:21)

That's great advice. And, you know, you know, I was getting out of the military and I got rejected several times and it's just going to happen, you know, and, you know, I, even with OSCP and I did, I had like almost 70 hacked box machines done, 216 try hacking rooms. I know all this because I had to say it in an interview a bunch of times.

 

And, you know, even with all this stuff and all my write-ups that I did, it's like, I still face rejection. So yeah, it's going to happen. It's just the best thing you can do is just pick yourself up and keep going.

 

And if someone's going to give you a chance, you just gotta don't give up because if you give up, it will never happen.

 

[Jake Mayhew] (37:21 - 37:23)

Yep. Yep. For sure.

 

[Kyser Clark] (37:23 - 37:36)

All right, Jake, thank you so much for your time and attention to this episode. I really do appreciate you taking the time and doing this with me and I got a lot of value out of this and I'm sure the audience did as well. So where can the audience reach you if they want to connect with you?

 

[Jake Mayhew] (37:37 - 38:44)

Yeah, sure. So you can connect with me on LinkedIn. It's just Jake Mayhew and I think I'm the only Jake Mayhew in cybersecurity.

 

We'll see. Maybe, maybe that's wrong, but you should be able to find me pretty easily. And then I have a blog as well on EDM.

 

I've written up all my offset courses and stuff like that. So you can, if you're interested in like, Hey, which course to take next, you can check out those reviews and what content is covered and this difficulty level and stuff like that, those different courses. And I'm starting my own podcast with a friend.

 

It's totally unrelated to cybersecurity. It's more of actually a theology podcast. It's called Simply Devoted.

 

So if you're into that kind of thing, you can check our podcast out. Podcasts will be coming out in a couple of weeks here. So yeah, those are the three main ways.

 

Oh, I'm also on the Offsick Discord Mayhem. It's M-A-Y-H-3-M. So that's the handle I go by.

 

So you can ping me there as well.

 

[Kyser Clark] (38:45 - 39:04)

Perfect. And audience for me, best way to reach me is LinkedIn and my website, kevinclark.com. Thanks for hanging out.

 

Leave feedback if you haven't left me feedback already and review the show if you haven't done that yet already as well. And other than that, just check out the next episode when it comes out. This is Kyser signing off.

People on this episode