In Taiwan, obtaining certifications have always been a common practice. However, in the today's environment of stigmatized intellectual prestige hierarchy, how should we navigate our own paths? Should we chase after higher-level certifications, or should we prioritize honing our practical skills?

Based on the phenomenon observed in recent years, the speaker will share Offensive Security's learning journey and exam preparation strategies (including 100-Essentials and 200-Foundational series and OSCE³) drawing from personal experience, and explores the impact and possibilities of Offensive Security's revamping of the OSCP to OSCP+ in 2024.

This talk focuses on a review of high-risk vulnerabilities in Taiwan's 10 most common network device brands. The objective is to reveal the current state of vulnerabilities in these devices and the behavior patterns of attacker groups. The research is based on large-scale wide-area scanning, analyzing the number and types of device vulnerabilities, and further exploring their relationships with regional distribution and protocol characteristics. The presentation will delve into how attacker groups exploit these vulnerabilities, including their methods and common techniques, with a particular emphasis on trends in attack behavior and their impact on device security.