OSCP

Am I leet yet?

The OSCP has become the big cert goal for all aspiring hackers. Beyond being filled with content, it is a practical exam, which means no multiple choice. You will be dropped into a network where you have to compromise 5 boxes, one of which will require a buffer overflow attack to compromise. The big kicker is that you cannot use any auto exploitation tools, and you can only use Metasploit once.

Official Documentation

As always, read the documentation. There are tons of helpful hints and suggestions in the official docs. It also clearly defines the rules of engagement for the exam. Do not use a tool that will invalidate your exam. They give you everything you need in the official course material, use it and stay within bounds.

• https://www.offensive-security.com/offsec/oscp-exam-structure/

• https://www.offensive-security.com/metasploit-unleashed/

• https://help.offensive-security.com/hc/en-us

• https://help.offensive-security.com/hc/en-us/articles/360050473812

• https://www.offensive-security.com/documentation/penetration-testing-with-kali.pdf

• https://forums.offensive-security.com/

Tools and Resources

• OSCP Unofficial Tool List

• List of Essential OSCP Reddit Topics

• http://0xc0ffee.io/blog/OSCP-Goldmine

• Autorecon - The OSCP recon phase easy button. An amazing tool written by Tiberius, this will make your initial scanning super easy, does not perform any auto-exploitation, and is 100% approved for the OSCP.

  • https://www.hackingarticles.in/comprehensive-guide-to-autorecon/

• 21y4d - nmapAutomator - The main goal for this script is to automate the process of enumeration & recon that is run every time, and instead focus our attention on real pentesting.

• Codingo - Reconnoitre - A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

OSCP Guides

Every one that takes the exam writes up a blog post about it. Read them all. Learn from their successes and their failures.

• https://johnstawinski.com/2022/10/09/oscp-2023-study-guide-new-exam-format

• https://johnjhacking.com/blog/oscp-reborn-2023/

• https://sgtdede.gitbook.io/hacking/oscp-2022/guide-en

• https://www.netsecfocus.com/oscp/2021/05/06/The_Journey_to_Try_Harder-_TJnull-s_Preparation_Guide_for_PEN-200_PWK_OSCP_2.0.html

• https://hxrrvs.gitbook.io/oscp/

• https://ninjasec.medium.com/efficiently-utilizing-autorecon-for-oscp-and-beyond-74c93a273a36

• https://github.com/Shiva108/CTF-notes/tree/master/OSCP-Materials-master

• https://github.com/Shiva108/CTF-notes/tree/master/Notes%20VA

• https://github.com/Shiva108/CTF-notes/tree/master/Everything-OSCP

• https://github.com/Shiva108/CTF-notes/blob/master/enum_oscp.html

• https://github.com/Shiva108/CTF-notes/blob/master/how-to-oscp-final.md

• https://github.com/Shiva108/CTF-notes/blob/master/Kali%20Linux%20Offensive%20Security%20Certified%20Professional%20Playbook.html

• https://avasdream.engineer/assets/OSCP-Methodology.png

• https://kali.training/lessons/introduction/

• https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html

• https://www.tripwire.com/state-of-security/security-awareness/oscp-journey/

• https://411hall.github.io/OSCP-Preparation/

• https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html

• https://www.abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob

• https://niiconsulting.com/checkmate/2017/06/a-detail-guide-on-oscp-preparation-from-newbie-to-oscp/

• https://johnjhacking.com/blog/the-oscp-preperation-guide-2020/

• https://medium.com/@hakluke/haklukes-ultimate-oscp-guide-part-1-is-oscp-for-you-b57cbcce7440

• https://sushant747.gitbooks.io/total-oscp-guide/content/

• https://rana-khalil.gitbook.io/hack-the-box-oscp-preparation/my-oscp-journey-a-review

Essential Videos and Courses

There are plenty of write ups and training classes out there for the OSCP but there are a few that are 100% gold. First off, Tiberius is a pentester of the highest caliber who has written probably the greatest course for Privilege Escalation available. I like paying for very few things, but his classes are one of them. The other big one to know is the Cyber Mentor. Heath Adams produces amazing learning content, in a way that is just super easy to digest. Not only does his Buffer Overflow class make sense of the subject better than anything else, but he has a whole collection of offensive based training and even a certification. (Its much cheaper than the OSCP). Do your self a favor and get every piece of content these two make.

• TryHackMe Pentesting Course -https://tryhackme.com/path/outline/pentesting

• TryHackMe Buffer Overflow Prep -https://tryhackme.com/room/bufferoverflowprep

• Cyber Mentor: Buffer overflow - https://tcm-sec.com/buffer-overflows-made-easy/

• Tiberius' Priv Esc Courses - https://www.udemy.com/course/linux-privilege-escalation/

• TJNull's OSCP Prep - https://www.youtube.com/playlist?list=PLidcsTyj9JXK-fnabFLVEvHinQ14Jy5tf

• Tiberius Buffer overflow - https://www.youtube.com/watch?v=1X2JGF_9JGM

• Conda's OSCP Prep - https://www.youtube.com/playlist?list=PLDrNMcTNhhYqZU1ySROli7Oc08mxe1tZR

Practice Box List

These are boxes that are similar to those that you will find on the exam. They will be focusing around certain tasks like buffer overflow, or exploiting a certain service. Beware that some of them are retired HTB boxes that will require a subscription to get access to.

• TJNull's List - https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/edit#gid=1839402159

• HackTheBox List -https://docs.google.com/spreadsheets/d/1PVH3athOru-rHirsy30R1r8692R6J44W7uuHTrquqnk/edit#gid=1638926857https://hyd3.home.blog/2020/06/22/oscp-prep-hackthebox-list/

• NoobSec List - https://docs.google.com/spreadsheets/d/1PVH3athOru-rHirsy30R1r8692R6J44W7uuHTrquqnk/edit#gid=1638926857

• OSCP-like Boxes -https://nopresearcher.github.io/OSCP-Like-Boxes/