I’m planning on taking the OSCP in Autumn 2022 but it will take a concerted effort to pass, if I even can pass.
This is my plan to examine the requirements so I’m ready to spot the requirements in the learning steps below.
- Study each of the OSCP PWK course highlights here.
- HTB – Hack the Box VIP Start to Finish
- Try to pwn every box on Offensive Security Proving Grounds
- Key exercises on CEHv11 EC-Council lessons.
- Develop PwnScript to scan and evaluate multiple targets on a LAN with separate directories for each target discovered.
- Study most likely services on vulnerable OSCP boxes and develop a plan of action to attack each service.
– Have a prepared script for each target
– Understand the process to analyze most likely successful exploits found for vulnerabilities discovered and try to get access with those. - Practice privilege escalation on Linux and Windows as well as Active Directory attacks. (That’s new to the OSCP as of January 2022)
- Study each major item from all the Proving Ground Walk-throughs I have on hand or discover in Step 2 above on Proving Grounds.
- Study hacknotes.txt I maintain.
- Study and take notes from key YouTube videos which teach on key technologies and attack methods.
– John Hammond
– Misc hack tutorial video search
– Hacktricks.com
– root-me.org - OSCP Brain dumps and whatever else seems relevant for a final review.
- Review all learned major items periodically to avoid how the brain starts removing stuff you don’t use.
- Flashcards for rote learning benefit.
Wish me luck!
It’s a 24-Hour exam with another 24 hours allotted to write an summary of how we hacked all the boxes.