Roadmap For OSCP

Uploaded by

cahyo.darujati

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

462 views58 pages

Roadmap For OSCP

Uploaded by

cahyo.darujati

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 58

ROADMAP TO

OSCP
HEY I am Akash Dhakad
I am here because I love to give presentations.
THERE! You can find me at @akashdhakad
WHAT IS OSCP?
WHAT TO LEARN IN THE
COURSE?
 Kali Linux Basics  File Transfers
 Command Line and Bash Scripting  Anti Virus Bypass
 Essentials Tools  Privilege Escalation
 Information Gathering  Password Attacks
 Vulnerability Scanning  Port Redirection and Tunneling
 Web Application Attacks  Active Directory Attacks
 Client Side Attacks  Metasploit Framework
 Buffer Overflows  Powershell Empire
 Finding and Fixing Public Exploits  Assembling the Pieces
FIRST THINGS FIRST
 Who is this Course For?
 Infosec professionals transitioning to Pentesting
 People having basic Pentesting skills
 Security Professionals
 Not for absolute Beginners!
ABOUT THE EXAM
 Yes, it’s a battlefield
 24 hour fully proctored
 Exam time: 23 hour 45 minutes
 Another 24 hour for uploading documentation
 Min 70 points for passing
▰ Exam Structure
▰ Bonus Points (10)

 >= 80% correct solutions for topic exercises in each

topic
 30 correct proof.txt hashes from challenge machines
▰ Bonus Points (10)
▰ Passing Scenarios

 (40) AD Set + (20) Non-AD + (10) Non-AD

 (10) BP + (40) AD Set + (20) Non-AD
 (10) BP + (40) AD Set + (10) Non-AD + (10) Non-AD
 (10) BP + (20) Non-AD + (20) Non-AD + (20) Non-AD
PWK COURSE
 PDF Book
 Videos
 Exercises
 Labs (now Challenges)
 Lab Access
 90 days voucher (1500$)
 Costly, right?
 Make sure you utilize those days!
BEFORE THE COURSE
BASIC KNOWLEDGE
 Fundamentals
 Windows Basics
 System Administration
 User Account Manaąement
 Good CMD
 Powershell basics
 Groups and Policies
 Service Manaąement
 Fundamentals
 Linux Basics
 File System and Directory Structure
 System Administration
 User and Group Manaąement
 File Manaąement and Access Control
 Service Manaąement
 Bash shell basics
 Networkiną Basics
 TCP/IP protocol suite
 Basic network communication
 Layer 3/4 addressiną
 OSI Model
 Subnettiną and NAT
 Proxies and Tunneliną
 Web Application Basics
 Client Server Architecture
 HTTP and HTTPS (SSL)
 Request Response Protocol
 HTTP headers
 Status Codes and Errors
 URL Concepts
 Proąramminą (YES!)
 Basics Paradiąms (if-else/loops/data types/functions/files)
 Ability to read and modify code
 Basics of Python
 Exception and Error Handliną
 Cryptoąraphy
 Encryption/Decryption
 Hashiną aląorithms (MD5/SHA)
 Encodiną/Decodiną
 Public Key Infrastructure
 Crypto Applications: SSH/VPN/NTLM
PRACTICE LABS
 TJNull NetSecFocus (do them all)
 VulnHub, no?
 Proviną Grounds (Play and Practice)
 Buy the subscription (worth it)
 Hack The Box
 THM Offensive Pentestiną
 Stuck, need walkthrouąhs?
 Videos
 IppSec
 S1REN
 HackerSploit
 Articles
 Hackiną Articles
 0xdf
 Infosec Writeups
START THE PWK!
 Videos > PDF > PWK Labs
 PDF > Videos > PWK Labs
 Videos > PWK Labs
 Only PWK labs (not recommended )
TOOLS
Pentestiną = Human Expertise + Arsenal of tools
 Scanniną  Enumeration  Password Attacks
 nmap  smbclient  john
 wpscan  Dirbuster/ąobuster  hashcat
 nikto  NSE  hydra
 impacket

 Web Attacks  Initial Access  Privileąe Escalation

 Burp Suite  searchsploit  *-privesc-check
 nikto  msfvenom  linpeas
 netcat  cewl  winpeas
 pspy
 Pivotiną
 General  Active Directory
 Proxychains
 netcat  crackmapexec
 ssh
 powershell  enum4linux
 chisel
 socat  impacket toolkit
 plink
 Bloodhound
 mimikatz
 Adpeas
NOTE MAKING
 Tools?
 OneNote
 CherryTree
 KeepNote
 Notion
 OneNote
 Simple Interface
 Cloud Sync
 Free and feature-rich
 Hierarchical Notebook structure
 Lab Notes Format
 Recon
 Initial Access
 Priv Esc
 Post Exploitation (if any)
 Exploits Used
 Tools Used
 Other resources
WATCH VIDEOS
VIEW PDF

FILTER AND
HIGHLIGHT
COPY
CONTENT

ADD COMMENTS
 PDF for note makiną
 Initial Access
 Priv Esc
 Post Exploitation (if any)
 Exploits Used
 Tools Used
 Other resources
 Courses:
 YouTube Playlist
 Pentester Academy
 Udemy
 TCM Active Directory
 Bitten Tech’s Active Directory for Pentestiną 





 Practice
 HTB Dante Pro Labs
 HTB RastaLabs Pro Lab
 THM Throwback
 THM Attacktive Directory
 THM Wreath
BEYOND THE COURSE
 Bloąs:
 HackTricks
 Hackiną Articles
 Ippsec.rocks
GIVING THE EXAM
 VMWare > VirtualBox (you can use any)
 My Kali Specs:
 4 core CPU
 8 GB RAM
 128 MB Video Memory
 Have backups, snapshots
 Recon parallely, focus manually
 Don’t be stuck, and don’t keep switchiną
 Use Official OffSec Report Template
 Just explain what you did, don’t write too much
 Put as many screenshots as possible
 Proof read 2-3 times
 Came with basic pentestiną/CTF skills
 1 year subscription
 Videos > PDF > PWK labs
 No exercises
 1 month study, 4 months practice, 1 month note makiną
 HTB > PG >THM (~150 in total)
 12 hour mock test – 3 random HTB machines
 Full day rest before exam
 Victory
 Have a Plan
 Have a Dry Run before the exam
 Practice Practice PRACTICE
 Create your own notes/cheatsheet
 Not about how to exploit, but what to exploit
 Take Breaks
 DON’T RELY ON TOOLS!
 Try Harder (but chanąe)
 {Manual} Enumeration is the key
 Think out of the box
 Don’t underestimate and overestimate

Penetration Testing With Kali Linux (Pen 200) - 90 Days
0% (1)
Penetration Testing With Kali Linux (Pen 200) - 90 Days
4 pages
OSCP Exam Training Program
No ratings yet
OSCP Exam Training Program
17 pages
Roadmap For Red
No ratings yet
Roadmap For Red
2 pages
OSCP Preparation Guide: Step-by-Step
100% (1)
OSCP Preparation Guide: Step-by-Step
3 pages
HackTheBox Academy + Certifications
100% (1)
HackTheBox Academy + Certifications
8 pages
OSCP 16 Week Study Plan
No ratings yet
OSCP 16 Week Study Plan
3 pages
OSCP Professional 60 Questions
No ratings yet
OSCP Professional 60 Questions
7 pages
Lainkusanagi OSCP Like
No ratings yet
Lainkusanagi OSCP Like
14 pages
Oswp V4
100% (1)
Oswp V4
142 pages
lab-report
No ratings yet
lab-report
10 pages
Offsec PEN200 12WeeksPlan
No ratings yet
Offsec PEN200 12WeeksPlan
18 pages
OSCP Exam Training Program
No ratings yet
OSCP Exam Training Program
24 pages
OSWA OS XXXXXX Exam Report
100% (1)
OSWA OS XXXXXX Exam Report
17 pages
CPTS Final V5
No ratings yet
CPTS Final V5
577 pages
OSCP - Personal Notes
No ratings yet
OSCP - Personal Notes
15 pages
TCMS PNPT Training Overview
No ratings yet
TCMS PNPT Training Overview
16 pages
Pentesting Command Reference
No ratings yet
Pentesting Command Reference
12 pages
OSCP First Week Insights
No ratings yet
OSCP First Week Insights
10 pages
Writeup 1
No ratings yet
Writeup 1
4 pages
OSCP Exam Training Program
No ratings yet
OSCP Exam Training Program
46 pages
Vuln Hub
No ratings yet
Vuln Hub
1 page
Ad in Goad For Oscp Exam
No ratings yet
Ad in Goad For Oscp Exam
49 pages
Pentest Report for IT Security Teams
No ratings yet
Pentest Report for IT Security Teams
19 pages
OSCP
No ratings yet
OSCP
86 pages
Mix15k
No ratings yet
Mix15k
379 pages
October 2
No ratings yet
October 2
8 pages
Using CrackMapExec
No ratings yet
Using CrackMapExec
190 pages
HTB CPTS Course Outline
No ratings yet
HTB CPTS Course Outline
2 pages
OSDA Exam Report Template OS v1
100% (1)
OSDA Exam Report Template OS v1
8 pages
Linux Password Manager Exploit Guide
100% (1)
Linux Password Manager Exploit Guide
22 pages
Cleaned Oscp Journey Review v2
No ratings yet
Cleaned Oscp Journey Review v2
30 pages
Archetype Write-Up: Impacket
No ratings yet
Archetype Write-Up: Impacket
17 pages
Server-Side Attacks
No ratings yet
Server-Side Attacks
41 pages
Security Testing Insights
No ratings yet
Security Testing Insights
37 pages
OSCP OS 99999999 Exam Report
No ratings yet
OSCP OS 99999999 Exam Report
19 pages
CDSA v4
No ratings yet
CDSA v4
548 pages
Ultima Version Work
No ratings yet
Ultima Version Work
8 pages
Scripted Dish's Hashed HXBXBXBD BZBZBZBXB
No ratings yet
Scripted Dish's Hashed HXBXBXBD BZBZBZBXB
1 page
OffSec SOC-200 (OSDA)
No ratings yet
OffSec SOC-200 (OSDA)
7 pages
Exam Report Csa
No ratings yet
Exam Report Csa
13 pages
Hack Academys OSCP AD Cheatsheet and Notes-1
No ratings yet
Hack Academys OSCP AD Cheatsheet and Notes-1
29 pages
Nagoya Proving Grounds Practice Walkthrough Medium PDF
No ratings yet
Nagoya Proving Grounds Practice Walkthrough Medium PDF
20 pages
Windows Lateral Movement
100% (1)
Windows Lateral Movement
93 pages
CheatSheets OSCP
No ratings yet
CheatSheets OSCP
286 pages
Adispy OSCP MS01 v2mssql AD Set 2023
No ratings yet
Adispy OSCP MS01 v2mssql AD Set 2023
7 pages
89 - Esm
No ratings yet
89 - Esm
10 pages
eCPPT FieldManual
No ratings yet
eCPPT FieldManual
14 pages
ECPTXv2 Latest
No ratings yet
ECPTXv2 Latest
39 pages
PEN-200 Lab Report
No ratings yet
PEN-200 Lab Report
9 pages
Prepare To BSCP
No ratings yet
Prepare To BSCP
2 pages
The Certified Red Team Operator (CRTO)
No ratings yet
The Certified Red Team Operator (CRTO)
4 pages
PEN-200 24 Week Learning Plan
No ratings yet
PEN-200 24 Week Learning Plan
22 pages
Oscp Technical Guide
No ratings yet
Oscp Technical Guide
42 pages
HTB Academy Report Template
No ratings yet
HTB Academy Report Template
24 pages
RoadmapCertificationsRedTeam Securiters
No ratings yet
RoadmapCertificationsRedTeam Securiters
1 page
DACL Attacks II
No ratings yet
DACL Attacks II
98 pages
Linux Privilege Escalation Guide
No ratings yet
Linux Privilege Escalation Guide
3 pages
Complete OSCP Guide 2024 4
No ratings yet
Complete OSCP Guide 2024 4
58 pages
Roadmap To
No ratings yet
Roadmap To
58 pages
How To OSCP
100% (5)
How To OSCP
34 pages
Manuel - López - Tarea 1-Reading - "The Changing World of Blogging
No ratings yet
Manuel - López - Tarea 1-Reading - "The Changing World of Blogging
2 pages
Profile MBMAN
No ratings yet
Profile MBMAN
19 pages
Cyber Security of Smart Homes Development of A Reference Architecture For Attack Surface Analysis
No ratings yet
Cyber Security of Smart Homes Development of A Reference Architecture For Attack Surface Analysis
10 pages
Video Marketing for Businesses
No ratings yet
Video Marketing for Businesses
3 pages
Cisco 400-007 Exam Dumps Guide
No ratings yet
Cisco 400-007 Exam Dumps Guide
11 pages
History of Cloud Computing Characteristic of Cloud Computing Layers of Cloud Computing Deployment Models
No ratings yet
History of Cloud Computing Characteristic of Cloud Computing Layers of Cloud Computing Deployment Models
21 pages
CB Insights - MENA Companies
No ratings yet
CB Insights - MENA Companies
18 pages
CourseOverview XG Firewall Administrator CO80 v17.0.0
No ratings yet
CourseOverview XG Firewall Administrator CO80 v17.0.0
4 pages
FiberHome Element Management System-Northbound Interface (TL1) - User Manual-B
No ratings yet
FiberHome Element Management System-Northbound Interface (TL1) - User Manual-B
672 pages
Rudra Sen Report
No ratings yet
Rudra Sen Report
50 pages
Blog Website Documentation
0% (1)
Blog Website Documentation
20 pages
Đề Dự Đoán Speaking Quý Iii - 2024 (09!12!2024)
No ratings yet
Đề Dự Đoán Speaking Quý Iii - 2024 (09!12!2024)
53 pages
Test 1: Pyetje Për Kapitullin 1
No ratings yet
Test 1: Pyetje Për Kapitullin 1
5 pages
PsycBOOKS Icerik Listesssi
No ratings yet
PsycBOOKS Icerik Listesssi
540 pages
Meta Lawsuit
No ratings yet
Meta Lawsuit
3 pages
Overview of The Internet of Things (Iots) : Spring 2013 Qian Zhang Fytgs, Hkust
No ratings yet
Overview of The Internet of Things (Iots) : Spring 2013 Qian Zhang Fytgs, Hkust
56 pages
Digital Nepal: Opportunities and Challenges: International Journal of Research Publications
No ratings yet
Digital Nepal: Opportunities and Challenges: International Journal of Research Publications
16 pages
Cracking & Hacking Tools List
No ratings yet
Cracking & Hacking Tools List
4 pages
LIS Reflections: Maggie Willis
No ratings yet
LIS Reflections: Maggie Willis
19 pages
HSC - IT Practical (12 State Board) 2025
No ratings yet
HSC - IT Practical (12 State Board) 2025
22 pages
ABB ICS Cyber Security Reference Architecture - Drawings - Public
No ratings yet
ABB ICS Cyber Security Reference Architecture - Drawings - Public
10 pages
DICOM Troubleshooting Guide
No ratings yet
DICOM Troubleshooting Guide
106 pages
Informatikë: Specialist Rrjetash Kursi
No ratings yet
Informatikë: Specialist Rrjetash Kursi
1 page
Competitor Analysis Template
No ratings yet
Competitor Analysis Template
26 pages
The Impact of Social Media Marketing On Customer
No ratings yet
The Impact of Social Media Marketing On Customer
16 pages
Data-Link Layer MCQs
100% (1)
Data-Link Layer MCQs
4 pages
OnePetro Access Guide for NTNU Users
No ratings yet
OnePetro Access Guide for NTNU Users
12 pages
Final Na Final Stress
No ratings yet
Final Na Final Stress
85 pages
b1.4 Technology
No ratings yet
b1.4 Technology
6 pages
CRP 2
No ratings yet
CRP 2
181 pages

Roadmap For OSCP

Uploaded by

Roadmap For OSCP

Uploaded by

ROADMAP TO

 >= 80% correct solutions for topic exercises in each

 (40) AD Set + (20) Non-AD + (10) Non-AD

 Web Attacks  Initial Access  Privileąe Escalation

You might also like