OSCP - where to start?

tarikos1311

Hi, I've decided to take OSCP as far as it is one of the best security certifications on the market.
However I have a lot of questions that are tormenting me.
1st : where to start? I can't see any official course (study guide), book or videos to buy.
2nd: what about the topics? OSCP is covering which security elements?
3rd: Where can I practice, and How am I supposed to know if I'm ready or not?
4th: What are the requirements? I have to master Linux, BackTrack and other technologies before starting?
FYI; I'm holding CCNA R&S, Security and CompTIA Security+

ilikeshells

I start in a couple weeks, so YMMV. I'd start using some Google-fu to further answer your questions though.

1. The study guide is a PDF, Videos, and Exercises from OS that you receive when you start. You also get access to the Lab, if you will, where you practice on a plethora of machine and networks before sitting for the exam. If you are looking to brush up your knowledge there are a number of posts on here and in the tubes to look at.

2. The OSCP syllabus is publically available.

3. You can practice with Virtualbox/VMWare with any number of boot to root images, books (I like Georgia Weidmann's Pentesting book), various websites, and other tools. From what I can gather, you are ready when you are ready to dedicate some time to the course. Most people recommend 90 days with 20+ hours a week min.

4. There are no requirements. Although it is recommended to be comfortable in the linux CLI. Most folks will also say brush up on python/bash and do some cursory studies on x86 buffer overflows.

Good luck.

TechGuru80

1. The only way to get the official course book and videos is to purchase a package (30/60/90 days) for Penetration Testing with Kali. You could use material for the CEH to prepare but most of that stuff will only help a little. The official course package and researching is how you learn a lot.

2. The PWK syllabus is available on their website for download.

3. There are test VMs out there for Penetration Testing and you could also make a vulnerable lab at home. Once you buy the course, you get VPN credentials to their lab for either 30/60/90 days (depending on the package you purchased).

4. They recommend being comfortable (intermediate level) with Linux and familiarity with scripting. Knowing tools on Kali is not a requirement but of course it helps. The course is not with Backtrack it is with Kali...BT was replaced around 2 years ago.

Those certifications will help in your knowledge of how networks interact, however you compromise systems/applications...not network devices in the course.

I would also google hints on taking the OSCP or look at the review section on their website as many people have said what helped them stay organized during the labs through the exam.

tarikos1311

I think that CEH is a necessaty to have an idea about the penetration world.
I've read that its level is intermediate, comparing to OSCP's, which is advanced.
What about taking a look and passing the CEH before dealing with OSCP.
I see that CEH study materials are all over the net (study guide / books to buy / Free videos) ..
What do you think? Am I going to lost time or is it a good idea?

griffondg

I don't see the CEH as a necessity at all. Yes, it gives you familiarity with some of the tools but isn't in the same league, to be honest. Review the syllabus for the OSCP online and then use google or one of the CEH books to get comfortable with the topics.

MrAgent

Read some reviews and go over their syllabus to get a better idea.