How to Pass OSCP Exam A Beginner-Friendly Guide

1
How to Pass OSCP Exam A Beginner-Friendly Guide
2

• I was looking to write this post describing the
  things I did while trying to pass OSCP exam. I
  made many mistakes in the process and my route
  was not the most effective or efficient method of
  studying to pass the OSCP. However, I learned
  something from every source that I have listed
  and I firmly believe that everything I learned
  can be considered valuable.
• However it is never too late to improve as well,
  and in the hope of creating a tool to assist
  people in achieving the OSCP the best way they
  can I've streamlined the information I created
  into a much more targeted list. Be aware that
  this guide is geared towards those who are novice
  to testing penetration as I did and those with
  experience, don't hesitate to skip some of the
  items below.

3
My entire path to obtain the OSCP Zero to Hero

• Penetration Testing A Practical Introduction to
  Hacking written by Georgia Weidman
• the YouTube channel from IpSec HackTheBox
  machines from the past
• eLearnSecurity Junior Penetration Tester (eJPT)
• Penetration Testing using Kali Linux course (PwK)
• Offensive Security Certified Professional (OSCP)
• If you fail, finish the advanced and beginner
  machines available on the Virtual Hacking Labs
  platform before another exam attempt.
• I'm certain that this route that is accompanied
  by determination and a positive attitude can
  result in the desired outcome. This is definitely
  the route I'd choose in the event that I had to
  start all of the process again.
• I've also included links to relevant blog posts
  to further read on specific platforms or sources
  along with a few of my most-loved tools that I
  regularly use.
• My personal experience of the complete OSCP
  experience is available in the post that
  accompanies it.

4
Pre PwK Preparation

• Before I started the PwK course and lab I did an
  adequate amount of work to ensure that I wasn't
  getting overwhelmed. In retrospect, I believe I
  did prepare a little in terms of information, and
  not everything in the book is relevant or useful.
  If you're a complete novice like me I would
  suggest reading Penetration Testing - A Hands-on
  introduction to Hacking and watching the IppSec
  videos of more simple HackTheBox devices. If
  you're looking to invest more time learning,
  getting the JLPT certification might be
  beneficial. Once you have it, you can go straight
  into it and hand in the PwK an hour ago.
• For more information about my own preparation
  read this blog article
• CompTIA Security
• It's a good idea to have Security as my first
  security certificate, and I've added it to this
  page to ensure that I've completed it. It is not
  relevant to the OSCP but a great one to be able
  to have for those who are novices in Security.

5

• Penetration Test - Hands-on Introduction to
  Hacking written by Georgia Weidman
• An amazing book that is a must read for those who
  are just beginning. It is a fantastic transition
  into the PwK course, as it's an informative guide
  to take readers through the fundamentals for
  penetration testing. Georgia's video series that
  is accompanied by Cybrary called Advanced
  Penetration Testing is also beneficial.
• The Hacker Playbook 2 by Peter Kim
• A fascinating book which serves as a reference
  guide, this book will help you learn about
  certain tools and terms you'll encounter, but is
  not really necessary to me.
• Kioptrix 1-4 on Vulnhub
• My first machine that was vulnerable, the
  Kioptrix series, is well-known by the general
  public as easy to learn on.
• IppSec's videos on how to use retired HackTheBox
  equipment
• I then viewed a set of IpSec's instructional
  videos, particularly those he designed to help
  users use simpler machines. The video can be
  extremely helpful to become familiar with the
  tools and commands that he uses.

6
Post PwK Lab Time

• I was able to gain root access to 28.5 machines
  within the PwK laboratory, but I did not feel
  confident that I was competent enough to be able
  to pass oscp exam. I set the exam date a bit
  further from the time my lab session ended , and
  then did some studying in between.
• Machines that are vulnerable that HackTheBox
• I mainly employed HackTheBox during this time
  with a focus on older machines. I worked on 25 of
  the OSCP-Esque machines below, mostly through the
  use of IppSec's video walkthroughs. Looking back,
  I feel I could have learned more in the present
  time when I stayed clear of using videos in
  conjunction with them however at the time, my
  primary concerns were the exposure to a wide
  number of attacks and strategies. I highly
  recommend trying these devices without
  assistance.

7
Exam 1st attempt (failed at 65 points)

• I tried to give the OSCP exam an excellent
  attempt, but in the final exam, I was one shy of
  passing my first attempt , and ended in the 65th
  percentile. I was close to passing. It is a shame
  that I didn't have the ability to pass my exam in
  the first attempt. I believe that with just one
  more minute I could have passed the exam, but it
  was not to be.

Prior to exam 2 (passed by scoring 85 marks)
In this area, I saw the most improvements and
also learned the most. After taking a 3-month
break to adjust to some major shifts in my
lifestyle, I decided to jump back into studying.
The decision was not to extend the duration of my
lab or try out other services from outside. My
focus was on web-based applications and privilege
expansion. In the following list, Virtual Hacking
Labs deserves the top spot - it's amazing.
8

• PentesterLab
• I tried the platform because a friend had
  recommended it to me and it was a good platform
  for focused study on web application testing.
  While it was informative and well-designed
  however, I did not find it to be as useful as
  getting more experience in the real world was
  showing to be.
• Vulnerable computers that HackTheBox
• I returned to HackTheBox and finished five of the
  easiest active machines, bringing my total for
  the platform to thirty machines. The current
  machines don't offer walkthroughs like the older
  machines, and they are very difficult (despite
  their low scores). My opinion is that the latest
  generation of 'easy active machines are
  significantly more difficult than those available
  in the OSCP which is why it is important to keep
  that in mind while working on these machines.
• eLearnSecurity Junior Pentest
• I decided to focus my attention on the eJPT
  because I believed it could be a great
  transitional certification to continue to work
  towards the OSCP. Although it's generally
  well-thought out and implemented, it was too
  simple to me, at this stage in my study. I would
  recommend this to students who are just beginning
  to learn as a prelude to enrolling in the PwK
  course.
• Virtual Hacking Labs
• I can't think of enough good reviews concerning
  this Virtual Hacking Labs Platform. I believe
  that the lab and courseware it provides is
  superior to the one that is offered with
  Offensive Security. I have completed all 28 of
  the 42 available machines and gained about
  something new with each. I am convinced that of
  all the things listed I gained the greatest value
  from this particular Virtual Hacking Labs.
• If you are using this platform at present or in
  the near future make sure you visit the official
  discord channel, which is filled with friendly
  and helpful users.

9
Recommendations for Tools and scripts

• Last but not least, I'd like to highlight some of
  the software that I personally used to pass the
  OSCP. These tools aren't available in the
  standard Kali Linux distribution, so I would
  recommend downloading them and testing these out
  yourself.
• AutoRecon developed by Tiberius is a fantastic
  tool that makes the process of enumerating so
  easy, this tool is essential for any person who
  is attempting OSCP. OSCP exam.
• Dirsearch by maurosoria My favorite directory
  enumeration tool. I personally consider this tool
  to be significantly faster and more flexible than
  GoBuster or Dirb.
• Pspy developed by Dominic Breuker, a tool for
  monitoring processes in Linux that is excellent
  for monitoring processes in progress to identify
  cron jobs and other exploitable services. It has
  been useful in numerous instances.
• linux-smart-enumeration by Diego Treitos - One of
  the best Linux privilege escalation tools out
  there, this was always my first port of call when
  faced with a low privileged Linux shell.
• J.A.W.S from 411Hall I have found that this
  script has the greatest amount of information
  needed to perform Windows privilege escalation.
  It's extremely useful to run when working in a
  low-privileged Windows session.

10
OSCP Online Training and Certification
Get OSCP Online Training and Certification from
Pass Your Cert and become a OSCP certified all
over the globe. Visit www.passyourcert.net and
choose your course.
CLICK FOR MORE CERTIFICATION
FOLLOW US ON SOCIAL MEDIA

• EC COUNCIL
• CEH
• CCISO
• CPENT

• ISC2
• CISSP
• CCSP
• ISACA
• CISA
• CISM
• CRISC
• CGEIT

• PMI
• PMP
• RMP
• PGMP
• ACP
• CAPM

Instagram Facebook Linkedin Twitter