top of page
Writer's picturepassyourcert24

How to Pass OSCP Exam A Beginner-Friendly Guide



I was looking to write this post describing the things I did while trying to pass OSCP exam. I made many mistakes in the process and my route was not the most effective or efficient method of studying to pass the OSCP. However, I learned something from every source that I have listed and I firmly believe that everything I learned can be considered valuable.

However it is never too late to improve as well, and in the hope of creating a tool to assist people in achieving the OSCP the best way they can I've streamlined the information I created into a much more targeted list. Be aware that this guide is geared towards those who are novice to testing penetration as I did and those with experience, don't hesitate to skip some of the items below.

My entire path to obtain the OSCP Zero to Hero:

  1. Penetration Testing: A Practical Introduction to Hacking written by Georgia Weidman

  2. the YouTube channel from IpSec HackTheBox machines from the past

  3. eLearnSecurity Junior Penetration Tester (eJPT)

  4. Penetration Testing using Kali Linux course (PwK)

  5. Offensive Security Certified Professional (OSCP)

If you fail, finish the advanced and beginner machines available on the Virtual Hacking Labs platform before another exam attempt.

I'm certain that this route that is accompanied by determination and a positive attitude can result in the desired outcome. This is definitely the route I'd choose in the event that I had to start all of the process again.

I've also included links to relevant blog posts to further read on specific platforms or sources along with a few of my most-loved tools that I regularly use.

My personal experience of the complete OSCP experience is available in the post that accompanies it.

Pre PwK Preparation

Before I started the PwK course and lab I did an adequate amount of work to ensure that I wasn't getting overwhelmed. In retrospect, I believe I did prepare a little in terms of information, and not everything in the book is relevant or useful. If you're a complete novice like me I would suggest reading Penetration Testing - A Hands-on introduction to Hacking and watching the IppSec videos of more simple HackTheBox devices. If you're looking to invest more time learning, getting the JLPT certification might be beneficial. Once you have it, you can go straight into it and hand in the PwK an hour ago.

For more information about my own preparation read this blog article

CompTIA Security+

It's a good idea to have Security+ as my first security certificate, and I've added it to this page to ensure that I've completed it. It is not relevant to the OSCP but a great one to be able to have for those who are novices in Security.

Penetration Test - Hands-on Introduction to Hacking written by Georgia Weidman

An amazing book that is a must read for those who are just beginning. It is a fantastic transition into the PwK course, as it's an informative guide to take readers through the fundamentals for penetration testing. Georgia's video series that is accompanied by Cybrary called Advanced Penetration Testing is also beneficial.

The Hacker Playbook 2 by Peter Kim

A fascinating book which serves as a reference guide, this book will help you learn about certain tools and terms you'll encounter, but is not really necessary to me.

Kioptrix 1-4 on Vulnhub

My first machine that was vulnerable, the Kioptrix series, is well-known by the general public as easy to learn on.

IppSec's videos on how to use retired HackTheBox equipment

I then viewed a set of IpSec's instructional videos, particularly those he designed to help users use simpler machines. The video can be extremely helpful to become familiar with the tools and commands that he uses.

Post PwK Lab Time

I was able to gain root access to 28.5 machines within the PwK laboratory, but I did not feel confident that I was competent enough to be able to pass oscp exam. I set the exam date a bit further from the time my lab session ended , and then did some studying in between.

Machines that are vulnerable that HackTheBox

I mainly employed HackTheBox during this time with a focus on older machines. I worked on 25 of the OSCP-Esque machines below, mostly through the use of IppSec's video walkthroughs. Looking back, I feel I could have learned more in the present time when I stayed clear of using videos in conjunction with them; however at the time, my primary concerns were the exposure to a wide number of attacks and strategies. I highly recommend trying these devices without assistance.

Exam 1st attempt (failed at 65 points)

I tried to give the OSCP exam an excellent attempt, but in the final exam, I was one shy of passing my first attempt , and ended in the 65th percentile. I was close to passing. It is a shame that I didn't have the ability to pass my exam in the first attempt. I believe that with just one more minute I could have passed the exam, but it was not to be.

Prior to exam 2 (passed by scoring 85 marks)

In this area, I saw the most improvements and also learned the most. After taking a 3-month break to adjust to some major shifts in my lifestyle, I decided to jump back into studying. The decision was not to extend the duration of my lab or try out other services from outside. My focus was on web-based applications and privilege expansion. In the following list, Virtual Hacking Labs deserves the top spot - it's amazing.

PentesterLab

I tried the platform because a friend had recommended it to me and it was a good platform for focused study on web application testing. While it was informative and well-designed however, I did not find it to be as useful as getting more experience in the real world was showing to be.

Vulnerable computers that HackTheBox

I returned to HackTheBox and finished five of the easiest active machines, bringing my total for the platform to thirty machines. The current machines don't offer walkthroughs like the older machines, and they are very difficult (despite their low scores). My opinion is that the latest generation of 'easy active machines are significantly more difficult than those available in the OSCP which is why it is important to keep that in mind while working on these machines.

eLearnSecurity Junior Pentest

I decided to focus my attention on the eJPT because I believed it could be a great transitional certification to continue to work towards the OSCP. Although it's generally well-thought out and implemented, it was too simple to me, at this stage in my study. I would recommend this to students who are just beginning to learn as a prelude to enrolling in the PwK course.

Virtual Hacking Labs

I can't think of enough good reviews concerning this Virtual Hacking Labs Platform. I believe that the lab and courseware it provides is superior to the one that is offered with Offensive Security. I have completed all 28 of the 42 available machines and gained about something new with each. I am convinced that of all the things listed I gained the greatest value from this particular Virtual Hacking Labs.

If you are using this platform at present or in the near future make sure you visit the official discord channel, which is filled with friendly and helpful users.

Recommendations for Tools and scripts

Last but not least, I'd like to highlight some of the software that I personally used to pass the OSCP. These tools aren't available in the standard Kali Linux distribution, so I would recommend downloading them and testing these out yourself.

AutoRecon developed by Tiberius is a fantastic tool that makes the process of enumerating so easy, this tool is essential for any person who is attempting OSCP. OSCP exam.

Dirsearch by maurosoria My favorite directory enumeration tool. I personally consider this tool to be significantly faster and more flexible than GoBuster or Dirb.

Pspy developed by Dominic Breuker, a tool for monitoring processes in Linux that is excellent for monitoring processes in progress to identify cron jobs and other exploitable services. It has been useful in numerous instances.

linux-smart-enumeration by Diego Treitos - One of the best Linux privilege escalation tools out there, this was always my first port of call when faced with a low privileged Linux shell.

J.A.W.S from 411Hall I have found that this script has the greatest amount of information needed to perform Windows privilege escalation. It's extremely useful to run when working in a low-privileged Windows session.


1 view0 comments

Comments


Post: Blog2_Post
bottom of page