Applying to Offensive Security Positions
I have for a long time had an interest in offensive security. I have done a lot of training and studied different attacks. I worked on my skills and even tested once for the OSCP. I recently applied to a few offensive security jobs, aka pentest or web application security positions. My resume has nothing about offensive security on it because my past has all been in positions for defensive security (blue team).
A recruiter had me do a write-up about my offensive security training and skills and send it to them, so I figured anyone checking out my website might want to read it as well. Please remember this is no formal letter, just information about different skills and training I have done.
THE WRITE UP:
My experience as a SOC analyst led me to learn about different offensive attacks: how they are set up and executed. I spent a lot of time learning about them and decided to study for and take the OSCP. The OSCP is an offensive security test that is hands-on. They stand up 50+ lab machines for you to connect to and study and test different attacks on. Then for the test they have 5 machines that you attack in various ways, demonstrating that you can perform the skills. When I tested I hacked 2 boxes and ran out of time. On one box I performed a buffer overflow attack; on another I found information to log in via SSH to the box and then had to break out of a restricted Linux shell and increase my permissions. On the third box I found a way to perform a MySQL injection, but I was not fast enough to carry the attack to the point that I got command execution. While training for the OSCP I worked on hacking different VulnHub machines that went along with the OSCP. I have completed MySQL attacks and XSS attacks on those. I have since stopped studying for the OSCP to focus on web attacks. Web attacks are an interest of mine, but I am not very experienced at performing them. My SOC experience has led me to be able to spot different attack code coming through logs, but I have never performed the attacks. I have been learning about the OWASP Top 10 and other various attacks that people perform on websites, web servers and various services surrounding those platforms.
While studying I have used a variety of tools/scripts like dotdotpwn, wafw00f, wpscan, sqlmap, gobuster, LinkFinder, Burp Suite, OWASP ZAP, Nmap and probably another 20 programs that I have forgotten to mention here. I have recently been working with OWASP's Juice Shop, which is a vulnerable web application that you can perform hacks on in a CTF style. I have a Docker instance of it running on a local machine at my home that I can connect to and perform different attacks on using manual testing and Burp Suite.
I have not done any static or dynamic code testing in the past. I can and have reviewed code used in various malware attacks. For instance, if I saw logs on a SIEM that indicated a computer had downloaded or visited a file on a website, I could connect to that site and grab the file while on a “dirty” computer network. Then I would look at the file's code (sometimes decoding it 4 different times using base64, XOR and other decoding processes) and determine what the attack was actually doing.
I have previously learned about static and dynamic code testing in a book and from various online articles but have not seen it actually done.
I have had some training in the past. At DerbyCon 7.0 I took the PWAPT course by Lanmaster53 aka Tim Tomes.
Thanks again!
