我本人的工作是从码农转变做Penentration Testing (Pentest)的，但是不是传统意义上的network/server pentest，而更多的是测试web app这一块。虽然对http和web方面的知识很熟，写点码也不是问题，但是对OSCP还有PWK所主要覆盖的这些以测试／黑服务器为主的这方面的知识和经验可以说是几乎为零。知道一点点网络知识(TCP vs UDP)，对command line算是熟悉，用过nmap，但是实在说不上熟悉，对Linux的系统结构了解也是甚少。加上这个是自学，所以基本上就是资历少就多花些时间学，如果他的学习材料上的一些基本概念也不懂，就自己再多花些时间上网补充一下。如果本身资历多，已经非常精通hacking
The following graphic is a simplified diagram of the PWK labs. You will initially connect via VPN into the Student Network and hack your way into additional networks as the course progresses. Once you have completed the course videos, you will have the basic skills required to penetrate most of the vulnerable computers in our lab. Certain machines will require additional research and a great deal of determination in order to compromise them.
Please note that all the machines in your lab range are vulnerable to some type of attack/exploit. There are also several vulnerable machines within this range that act as routers, which lead to additional vulnerable networks. As you progress through the PWK labs, you will discover various hints to machines throughout the lab environment. These hints will show the different relationships present between the machines that will help with specific attack vectors.
The most comprehensive infosec training course in the security industryOnline, self-paced course with remote penetration testing labsntroduces the latest hacking tools and techniquesDesigned for network administrators and security professionalsBecome an Offensive Security Certified Professional (OSCP) after passing the 24-hour performance-based examOSCP is recognized as the preferred penetration testing certification