OSCP Prep
asurania
Member Posts: 145
Hi All;
So I am starting my OSCP Prep. After doing a lot of research, the below seems to be the optimal material to tackle before signing up for OSCP.
Here goes:
Phase 1: (2 to 3 weeks)
Book: Penetration Testing: A Hands-On Introduction to Hacking (Read the whole book)
Free Course: Codecademy: Python
Phase 2: (2 to 3 weeks)
Book: Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
Free Course: https://www.cybrary.it/course/advanced-penetration-testing/
Book: Kali Linux Revealed - Possibly also write the exam KLCP
Phase 3: (2 to 3 weeks)
Book: Black Hat Python: Python Programming for Hackers and Pentesters
VM Practice:
(#1) Kioptrix: 2014 https://www.vulnhub.com/entry/kioptrix-2014-5,62/
(#2) FristiLeaks: 1.3 https://www.vulnhub.com/entry/fristileaks-13,133/
(#3) Stapler: 1 https://www.vulnhub.com/entry/stapler-1,150/
(#4) VulnOS: 2 https://www.vulnhub.com/entry/vulnos-2,147/
(#5) SickOs: 1.2 https://www.vulnhub.com/entry/sickos-12,144/
(#6) Brainpan: 1 https://www.vulnhub.com/entry/brainpan-1,51/
(#7) HackLAB: Vulnix https://www.vulnhub.com/entry/hacklab-vulnix,48/
(#8) /dev/random: scream https://www.vulnhub.com/entry/devrandom-scream,47/
(#9) pWnOS: 2.0 https://www.vulnhub.com/entry/pwnos-20-pre-release,34/
(#10) SkyTower: 1 https://www.vulnhub.com/entry/skytower-1,96/
Phase 4: (2 to 3 weeks)
PentesterLab Web - https://pentesterlab.com/exercises/
(#1) Web for Pentester: https://pentesterlab.com/exercises/web_for_pentester
(#2) Web for Pentester II: https://pentesterlab.com/exercises/web_for_pentester_II
(#3) From SQLI to Shell: https://pentesterlab.com/exercises/from_sqli_to_shell
(#4) From SQL to Shell II: https://pentesterlab.com/exercises/from_sqli_to_shell_II
(#5) From SQL to Shell PostgreSQL Edition: https://pentesterlab.com/exercises/from_sqli_to_shell_pg_edition
(#6) PHP Include and Post Exploitation: https://pentesterlab.com/exercises/php_include_and_post_exploitation
Exploit Exercises VM's - https://exploit-exercises.com/ (Ruxcon 2011)
(#1) Nebula: https://exploit-exercises.com/nebula/ (beginner)
(#2) Protostar: https://exploit-exercises.com/protostar/ (intermediate)
(#3) Fusion: https://exploit-exercises.com/fusion/ (advanced)
Phase 5 (optional) - Otherwise might skip and just register for OSCP - 2 Weeks
OverTheWire - OverTheWire: Wargames
(#1) Bandit: OverTheWire: Bandit (beginner - ssh/shell)
(#2) Natas: OverTheWire: Natas (beginner - webapp)
(scoring and other challenges via Wechall https://www.wechall.net/)
Corelan Tutorials https://www.corelan.be/index.php/category/security/exploit-writing-tutorials/
(#1) https://www.corelan.be/index.php/2009/07/19/exploit-writing-tutorial-part-1-stack-based-overflows/
(#2) https://www.corelan.be/index.php/2009/07/23/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-2/
(#3a) https://www.corelan.be/index.php/2009/07/25/writing-buffer-overflow-exploits-a-quick-and-basic-tutorial-part-3-seh/
(#3b) https://www.corelan.be/index.php/2009/07/28/seh-based-exploit-writing-tutorial-continued-just-another-example-part-3b/
(#4) https://www.corelan.be/index.php/2009/08/12/exploit-writing-tutorials-part-4-from-exploit-to-metasploit-the-basics/
(#5) https://www.corelan.be/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-basic-exploit-development/
(#6) https://www.corelan.be/index.php/2009/09/21/exploit-writing-tutorial-part-6-bypassing-stack-cookies-safeseh-hw-dep-and-aslr/
Comments
-
saraguru Member Posts: 46 ■■□□□□□□□□
Hi All;
So I am starting my OSCP Prep. After doing a lot of research, the below seems to be the optimal material to tackle before signing up for OSCP.
Here goes:
......
Phase 2: (2 to 3 weeks)
Book: Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
Free Course: https://www.cybrary.it/course/advanced-penetration-testing/
Book: Kali Linux Revealed - Possibly also write the exam KLCP
Phase 4: ( 2 to 3 weeks )
............
Exploit Exercises VM's - https://exploit-exercises.com/ (Ruxcon 2011)
(#1) Nebula: https://exploit-exercises.com/nebula/ (beginner)
(#2) Protostar: https://exploit-exercises.com/protostar/ (intermediate)
(#3) Fusion: https://exploit-exercises.com/fusion/ (advanced)
.....
Personally I feel that what you mentioned in Phase 2 and the Exploit Exercises VM's from Vulnhub are not needed. As far as Python is concerned, you will be using it mostly for the Buffer Overflow exercise. And writing it is damn easy even if you are familiar with general programming. It will only take a day or two even if you are not aware of programming.
And doing Exploit Exercises is definitely overkill for OSCP. As far as I remember, Protostar and Fusion have some challenges which are related to heap overflows, format strings and other stuff. (I think even for OSCE we are not asked to exploit heap, though not sure.)
As you yourself have mentioned, Phase 5 is optional; that is okay.
Instead of the above things, I would suggest to concentrate more on thorough enumeration of targets from Vulnhub and privilege escalation. AFAIK most people struggle with privilege escalation in the exam. -
vynx Member Posts: 153 ■■□□□□□□□□
Wondering about the OSCP lab and exam.
Can someone tell me what is going on in the lab? Does it have a workaround or guidance? How about the exam? Does it reflect the lab that we learn, or is it different and much harder? -
infosec123 Member Posts: 48 ■■■□□□□□□□
Wondering about the OSCP lab and exam.
Can someone tell me what is going on in the lab? Does it have a workaround or guidance? How about the exam? Does it reflect the lab that we learn, or is it different and much harder?
Can you clarify what you are referring to exactly? -
vynx Member Posts: 153 ■■□□□□□□□□
infosec123 wrote: » Can you clarify what you are referring to exactly?
you mean refer is compare with another or ? -
chrisone Member Posts: 2,278 ■■■■■■■■■□
adrenaline19 wrote: »
Excellent! Thanks!
Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
LonerVamp Member Posts: 518 ■■■■■■■■□□
I agree with what saraguru suggested up above.
I think the VMs and exercises are not necessary. You can certainly try them or just give an attempt and read the walkthroughs. I don't really suggest a book for Python. Personally, I think you can get more out of a Python fundamentals course or two via video.
Personally, I'd suggest people take a month at PluralSight (monthly fee) or some selected courses at cybrary.it (free) to get some good fundamental python, linux, shell, windows administration primers. Search "OSCP review" on Google and start reading up on other reviews. Many include lists of useful resources, plus should give a good idea what skills or knowledge is needed for success.
For writing buffer overflows and such, the OffSec material is excellent. It helps to have seen a course in general buffer overflows with animations (YouTube or SecurityTube?), but beyond that, the OffSec material can take you from 0 to success with simple BOF.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
vynx Member Posts: 153 ■■□□□□□□□□
To be fair, I'm interested in taking OSCP but don't have enough confidence to achieve it.
Is there any WhatsApp / Telegram group that discusses OSCP? -
McxRisley Member Posts: 494 ■■■■■□□□□□
The platform wasn't available when I did OSCP but if you haven't heard of hackthebox then you seriously need to check it out. To me, that is the single greatest prep for OSCP at the moment. Although, I should mention that some of the boxes on there are much much harder than anything you will see in OSCP.
I'm not allowed to say what my previous occupation was, but let's just say it rhymes with architect.
-
MrAgent Member Posts: 1,310 ■■■■■■■■□□
I completely forgot about hackthebox. Definitely worth looking into for some practice before the OSCP.
-
asurania Member Posts: 145
Thank you all. I am going to update this thread with updated resources for my OSCP Prep (so others can use it too)... this weekend.
-
vynx Member Posts: 153 ■■□□□□□□□□
I completely forgot about hackthebox. Definitely worth looking into for some practice before the OSCP.
Is this a shared environment and lab? Tried some, but it seems likely that someone, after getting admin, fixes the hole... :( -
!nf0s3cure Member Posts: 161 ■■□□□□□□□□
Well just went through hackthebox website, just the enrollment process seems a good way to start.
-
vynx Member Posts: 153 ■■□□□□□□□□
!nf0s3cure wrote: » Well just went through hackthebox website, just the enrollment process seems a good way to start.
hack to get the ticket join -
asurania Member Posts: 145
So I found that even though I have used Linux in the past, this was still a real weak point for me.
Book: Kali Linux Revealed & #1) Bandit: OverTheWire: Bandit -
clarkincnet Member Posts: 256 ■■■□□□□□□□
Great info since I am also in the prestudy stage as well.
Agreed. I'm in the info gathering and learning stage as well.
Give a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!
Have: CISSP, CISM, CRISC, CGEIT, ITIL-F