Path to OSCP?
Cyberscum
Member Posts: 795 ■■■■■□□□□□
Well long story short:
In IT for about 15 years (network, admin, security, vulnerability scanning etc).
CISSP, CEH, SEC+ and only know very limited Python and pretty fluid with Linux and Kali.
My next life goal is OSCP. I need to further understand security and think this is the path I would like.
Does anyone have a tried and proven formula that helped them pass ie:specific classes or research
For now I'm studying Kali Linux unleashed followed by the free metasploit course they offer. I see alot of penetrating courses on udemy and cybrary but not sure what is relevant or not.
In IT for about 15 years (network, admin, security, vulnerability scanning etc).
CISSP, CEH, SEC+ and only know very limited Python and pretty fluid with Linux and Kali.
My next life goal is OSCP. I need to further understand security and think this is the path I would like.
Does anyone have a tried and proven formula that helped them pass ie:specific classes or research
For now I'm studying Kali Linux unleashed followed by the free metasploit course they offer. I see alot of penetrating courses on udemy and cybrary but not sure what is relevant or not.
Comments
-
Cyberscum Member Posts: 795 ■■■■■□□□□□I know I followed a suggested path for CISSP from this forum and it helped me tremendously. I'm hoping the community has done the same for OSCP
-
deltzy Member Posts: 34 ■■■□□□□□□□If you have solid Linux/CLI skills then you could jump straight into OSCP and start working through the PDF they provide and even the lab envrionment and start on the machines. Just working through the lab machines and struggling with those was the best learning experience for me.
Other things you can do to prepare is use HackTheBox and use ippsec walkthrough's (on youtube) to go through some of the easier boxes. There are also some VulnHub machines that may be good to do beforehand. Just googled "OSCP Hack the Box machines" or "OSCP Vulnhub Machines", people have lists of machines that are somewhat related to what you'll see in the labs.
Good luck.CISSP | OSCP | CREST CRT & CPSA | CCSKv4 | SEC + | CCENT | CISMP | AZ-900
In Progress: CCSP, AZ-500 -
tedjames Member Posts: 1,182 ■■■■■■■■□□A year or so ago, someone posted a link to download a homemade study guide that they created. I have no idea where that link is now (maybe buried in the OSCP forum?).
-
Danielm7 Member Posts: 2,310 ■■■■■■■■□□I've heard some good references to this guide:
https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html
-
tedjames Member Posts: 1,182 ■■■■■■■■□□Danielm7 said:I've heard some good references to this guide:
https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html
-
LonerVamp Member Posts: 518 ■■■■■■■■□□Your best bet is really to google "OSCP review" and read the countless number of blog posts with experiences, feedback, and studying suggestions.I will say, with what you say your background is, you should really just watch some IppSec YouTube videos on Hackthebox box walkthrus. If you feel like the processes he goes through for the easier boxes (look at the oldest videos in his list like Granny/Grandpa, Devel, Tenten, Arctic, Optimum, Bank, Beep...) is approachable for you, you're ready. (If IppSec says this is a harder or medium box, it's beyond the scope of the OSCP most likely.)Again, you have experience and exposure to sysadministration, linux, and security topics and tactics. I agree with you going through the Metasploit Unleashed course to see how to use Metasploit. But after that, I think you should sign up and start going through the course materials you'll get. I think you'll find success quick.
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
Cyberscum Member Posts: 795 ■■■■■□□□□□Solid advice guys/gals. I watched a few videos of ippsec and felt right at home. Apparently my brain remembered nmap commands and burp controls from tests I did a few years back lol. I will just keep plugging away at these videos and trying it on my own.......Then read the directions lol