OSCP What books would you recommend

IronmanXIronmanX Member Posts: 323 ■■■□□□□□□□
For of those of you who have done or are in OSCP what books would you recommend reading? (Other then the OSCP course material)

I have heard:
Mastering Kali Linux for Advanced Penetration Testing
The Shellcoder's Handbook: Discovering and Exploiting Security Holes

The Shellcoder's handbook seems a bit dated. Is it still relevant? -2004 book talking about 32 bit systems.
***Edit - I'm sure its relevant there are still 32 bit systems out there I just mean is there better up to date material.


  • impelseimpelse Member Posts: 1,237 ■■■■□□□□□□
    Normally we thing hacking books are good before OSCP training, after taking several labs and always running out of time the best recommendation is to learn more about Linux and some scripting, I spent days trying to escalate Linux machines because I really do not have deep knowledge of the OS.
    Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
    It is your personal IPS to stop the attack.

  • BodanelBodanel Member Posts: 214 ■■■□□□□□□□
    I recommend Gray Hat hacking. It should cover almost everything.
  • MrAgentMrAgent Member Posts: 1,310 ■■■■■■■■□□
    I picked up the Georgia Wiedman book. I thought it was a good read and worth the purchase.
    Penetration Testing: A Hands-On Introduction to Hacking: Georgia Weidman: 9781593275648: Amazon.com: Books
  • ilikeshellsilikeshells Member Posts: 59 ■■□□□□□□□□
    I second Georgia Weidman's book as it covers a wide base and is not overly cumbersome. Shellcoder's Handbook is cool but not really necessary for the OSCP level.
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    Yup, Georgia Weidman's book great. I'm reading through it in preparation for the eCPPT exam.
  • TK1799_stTK1799_st Member Posts: 111
    I started by Installing Oracle Virtualbox, downloading Metasploit 2, will be going through the Offensive Security course Metasploit Unleashed, and purchasing to read:

    1) Metasploit: The Penetration Tester's Guide
    2) Basic Security Testing with Kali Linux
    3) The Hackers Playbook 2
  • HappyGoatsHappyGoats Member Posts: 5 ■□□□□□□□□□
    Here's my recommendations:
    • The Shellcoder's Handbook: Discovering and Exploiting Security Holes
    • Hacking: The Art of Exploitation
    • The Web Application Hacker's Handbook
  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    I'm in the course currently and while some of the knowledge is nice to have before hand I find there is only so much you can do to prepare. Ultimately solid linux and scripting skills are enough to get you started. You'll be doing research no matter what and being able to get the little issues out of the way will serve you much better then knowing the shell code off the top of your head (plus that would probably be more applicable to OSCE).
    Intro to Discrete Math
    Programming Languages
    Work stuff
  • LionelTeoLionelTeo Member Posts: 526 ■■■■■■■□□□
    I had read those book mentioned by the above few poster

    The hackers playbook 2 should be a really good read and worth your time going through.
    Shellcoder would be more applicable to OCSE.
    The art of exploitation gives a good idea about buffer overflow, which you may require to modify some exploit to overflow the correct points on the stack to compromise your targets.
    Metasploit PT gives a good idea about ruby, and understanding the structure of metasploit codes, which can help if u need to modify some MSF exploits to overflow the correct areas on the stack
    http://www.amazon.com/Advanced-Penetration-Testing-Highly-Secured-Environments/dp/1849517746 covers basic stuff, but sets a good idea how the OSCP its like.
    Not sure if WAHH would be applicable, I suggest to leave that last.
Sign In or Register to comment.