John's Headshot

John's InfoSec Ramblings

The thoughts of a man working his way through a career in Information Security.

John Svazic

2 minute read

Toddler Stairs

Hello everyone! I figured to kick off this GLORIOUS blog (sorry, been watching 3Below: Tales of Arcadia with my kids on Netflix, and this catchphrase has really stuck with me), I wanted to let you in on a challenge I’ve been wanting to put myself through for a while now.

You see, I have my OSCP and (to a lesser extent) my CEH. I do get to work on internal penetration testing at my office, but it is not nearly as often as I would like. So what I’ve decided to do is challenge myself! For the next 30 weeks, I will be going through a list of 30 CTF virtual machines (VMs) from VulnHub and do a complete write-up of each machine. The goal is to both work through these machines myself to keep that offensive security side of myself alive, as well as giving back to the community in another new way.

I’ve already picked out my VMs from VulnHub, and I know the difficulties I’m going for. Right now the breakdown is as follows:

  • 10 Beginner/Easy VMs (a guy has to start somewhere!)
  • 15 Medium/Intermediate VMs (including a few that are recommended for OSCP prep.)
  • 5 Hard/Difficult VMs (c’mon, the PWK course for OSCP only had 4 hard VMs in the labs!)

I hope you’ll join me on this journey, and I hope you’ll find it useful. Wish me luck!

– John

comments powered by Disqus

Recent posts

See more



Hi. I'm John, and I'm an Information Security Generalist.