Path to OSCP?

Cyberscum

Well long story short:
In IT for about 15 years (network, admin, security, vulnerability scanning etc).

CISSP, CEH, SEC+ and only know very limited Python and pretty fluid with Linux and Kali.

My next life goal is OSCP.  I need to further understand security and think this is the path I would like.

Does anyone have a tried and proven formula that helped them pass ie:specific classes or research 

For now I'm studying Kali Linux unleashed followed by the free metasploit course they offer.  I see alot of penetrating courses on udemy and cybrary but not sure what is relevant or not.

Cyberscum

I know I followed a suggested path for CISSP from this forum and it helped me tremendously.  I'm hoping the community has done the same for OSCP

deltzy

If you have solid Linux/CLI skills then you could jump straight into OSCP and start working through the PDF they provide and even the lab envrionment and start on the machines. Just working through the lab machines and struggling with those was the best learning experience for me.

Other things you can do to prepare is use HackTheBox and use ippsec walkthrough's (on youtube) to go through some of the easier boxes. There are also some VulnHub machines that may be good to do beforehand. Just googled "OSCP Hack the Box machines" or "OSCP Vulnhub Machines", people have lists of machines that are somewhat related to what you'll see in the labs.

Good luck.

tedjames

A year or so ago, someone posted a link to download a homemade study guide that they created. I have no idea where that link is now (maybe buried in the OSCP forum?).

Danielm7

I've heard some good references to this guide:

https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html

tedjames

Danielm7 said:

I've heard some good references to this guide:

https://www.netsecfocus.com/oscp/2019/03/29/The_Journey_to_Try_Harder-_TJNulls_Preparation_Guide_for_PWK_OSCP.html

Yes, that's the one. Glad you found the link.

LonerVamp

Your best bet is really to google "OSCP review" and read the countless number of blog posts with experiences, feedback, and studying suggestions.

I will say, with what you say your background is, you should really just watch some IppSec YouTube videos on Hackthebox box walkthrus. If you feel like the processes he goes through for the easier boxes (look at the oldest videos in his list like Granny/Grandpa, Devel, Tenten, Arctic, Optimum, Bank, Beep...) is approachable for you, you're ready. (If IppSec says this is a harder or medium box, it's beyond the scope of the OSCP most likely.)

Again, you have experience and exposure to sysadministration, linux, and security topics and tactics. I agree with you going through the Metasploit Unleashed course to see how to use Metasploit. But after that, I think you should sign up and start going through the course materials you'll get. I think you'll find success quick.

Cyberscum

Solid advice guys/gals.  I watched a few videos of ippsec and felt right at home.  Apparently my brain remembered nmap commands and burp controls from tests I did a few years back lol.  I will just keep plugging away at these videos and trying it on my own.......Then read the directions lol