[Izmaki]

GekkePrutser: > Good!! That's the right approach. I also think these certifications are forcing students to think in the direction intended by the underlying company, whereas hacking is about looking for the unexpected. It's about mastery of technology, not about ticking some boxes and knowing command-line parameters of common tools by heart.

CEH is box ticking. OSCP is breaking into stuff. That hacking is about "mastery of technology" I don't agree with. The latest major vulnerabilities identified this month were very low hanging fruits, and I bet you there's still way too many unpatched instances of BIG-IP, NetScaler and Windows DNS out there right this moment. ...two of which have available POCs online for any scriptkiddie to get their hands on. If not all three... the researchers who found the Windows DNS vulnerability have agreed to hold their horses for a while, letting admins patch their systems before releasing all details.

Latteral movement in an Active Directory environment is trickier than looking up a version number and trying your luck with a POC, sure, but you give too much credit to hackers, man. :P