signing up to OSCP next week, study advice?

tommylisttommylist Member Posts: 10 ■□□□□□□□□□
Hi,I now have all the funds to sign up to the oscp next week. Is there any advice from those that have passed their OSCP? How did you study? Should go quickly start on the labs? I'm signing up the the 90 days lab time. How long after signing up did your lab time start? Thanks!


  • datakandatakan Member Posts: 17 ■■□□□□□□□□
    Would help to know your background and where you're at with this stuff already.
  • MalwareMikeMalwareMike Member Posts: 147 ■■■□□□□□□□
    Like Datakan said, it would be nice to know your background. If you are completely new to the field, I would definitely recommend going through the material at least once, probably twice. Make sure you understand the majority of what is being taught and then start hacking. You're going to get discourage probably fairly quickly but don't give up and keep searching, all your efforts will pay off.
    2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)

  • ramrod777ramrod777 Member Posts: 10 ■□□□□□□□□□
    I would like to know if I it is feasible for me to take OSCP,
    A bit of my background:
    Currently a web applications security tester at a financial institution ( i only mostly test Asp.Net) using burp suite all day :)
    CCNA Cisco CyberOps( Cybersecurity, OSI layers, routing protocols, subnetting etc)
    elearning Junior Penetration Tester
    Intermediate skills on Nix system ( LAMP Stack, server hardening etc)
    Knocked off Pentesterlabs Unix, Essential, White and Intercept Badges
    Did some vulnerable machines ( DVWA, zerowebappsecurity, a few Pico CTF)
    Did read Hacking exposed (web app), Mastering modern web penetration, Nmap Cookbook, seven deadliest web app attacks

    OSCP has a reputation for humbling even accomplished security guys and I want to have some perspective on how I will fare.
    I am really tight on budget but I still think OSCP is the best buy for me, still $1200 is a lot of money for me to spend right now
    Any suggestions on How I may better prepare and make sure to pass it on my first try?
  • tommylisttommylist Member Posts: 10 ■□□□□□□□□□
    Ahh, sorry for missing that information out. I have no formal education in IT apart from secondary/high school. I haven't even got the security + or CEH which I believe to be easier than the OSCP. I have however taken multiple udemy courses in hacking, social engineering, python and networking. I have done practical things like setup my own labs and practised what I've learnt there.I'm probably quite far away from OSCP in terms of my current knowledge, but my obsessive nature and determination will negate that I believe... I mean the prerequisites for the course are only an understanding of tcp/ip and basic linux skills which I have.Thanks! :)
  • ramrod777ramrod777 Member Posts: 10 ■□□□□□□□□□
    Hi tommy I am also preparing for oscp, May I know what udemy courses you signed up for?
  • tommylisttommylist Member Posts: 10 ■□□□□□□□□□
    Sure, this is the social engineering one that covers a wide range of client attacks. is the Ethical hacking one which covers a lot more things but with slightly less detail on each. Web app attacks, wireless attacks, server side attacks and client attacks. this is the python course. this answers your question
  • ramrod777ramrod777 Member Posts: 10 ■□□□□□□□□□
    mine too :) it has to be approved first i think by the administrator so only quick replies can be posted
  • ramrod777ramrod777 Member Posts: 10 ■□□□□□□□□□
    btw Im a Web App security Tester by trade with above certs, knocked off some vuln machines and 4 Pentesterlab Badges and have experience in LAMP stack, server hardening mbss, Nix systems administration. Is there anybody here who can point out what I still need to do to prepare for OSCP?
  • datakandatakan Member Posts: 17 ■■□□□□□□□□
    I found most of the resources people commonly refer you to for OSCP to be detrimental. They get you thinking in the wrong direction or over thinking and they almost always overly rely on Metasploit.

    I'd start with the study material they give you and just see what you can do in the lab. I'd also recommend using their IRC channel, very good resource to work with other students. Don't get buried in extra books/blogs etc. They really do give you everything you need.
  • ramrod777ramrod777 Member Posts: 10 ■□□□□□□□□□
    yeah over relying on Metasploit is not good, even on eJPT you need to know your way around different systems and tools. I have a friend who recently passed OSCP but he says the materials provided only covers 10% of the actual cert stuff.
Sign In or Register to comment.