
Complete OSCP Guide 2024 4


Uploaded by

TiTan Hp

ROADMAP TO OSCP

HEY THERE! I am Ansh Bhawnani.
I am here because I love to give presentations.
You can find me at @techhacker98
WHAT IS OSCP?
WHAT TO LEARN IN THE COURSE?
• Kali Linux Basics
• Command Line and Bash Scripting
• Essential Tools
• Information Gathering
• Vulnerability Scanning
• Web Application Attacks
• Client Side Attacks
• Buffer Overflows
• Finding and Fixing Public Exploits
• File Transfers
• Anti Virus Bypass
• Privilege Escalation
• Password Attacks
• Port Redirection and Tunneling
• Active Directory Attacks
• Metasploit Framework
• PowerShell Empire
• Assembling the Pieces
FIRST THINGS FIRST
• Who is this Course For?
  • Infosec professionals transitioning to Pentesting
  • People having basic Pentesting skills
  • Security Professionals
• Not for absolute Beginners!
ABOUT THE EXAM
• Yes, it’s a battlefield
• 24 hours, fully proctored
• Exam time: 23 hours 45 minutes
• Another 24 hours for uploading documentation
• Min 70 points for passing
▰ Exam Structure
▰ Bonus Points (10)
• >= 80% correct solutions for topic exercises in each topic
• 30 correct proof.txt hashes from challenge machines
▰ Passing Scenarios
• (40) AD Set + (20) Non-AD + (10) Non-AD
• (10) BP + (40) AD Set + (20) Non-AD
• (10) BP + (40) AD Set + (10) Non-AD + (10) Non-AD
• (10) BP + (20) Non-AD + (20) Non-AD + (20) Non-AD
PWK COURSE
• PDF Book
• Videos
• Exercises
• Labs (now Challenges)
• Lab Access
  • 90 days voucher (1500$)
  • Costly, right?
  • Make sure you utilize those days!
BEFORE THE COURSE
BASIC KNOWLEDGE
• Fundamentals
• Windows Basics
  • System Administration
  • User Account Management
  • Good CMD
  • PowerShell basics
  • Groups and Policies
  • Service Management
• Fundamentals
• Linux Basics
  • File System and Directory Structure
  • System Administration
  • User and Group Management
  • File Management and Access Control
  • Service Management
  • Bash shell basics
• Networking Basics
  • TCP/IP protocol suite
  • Basic network communication
  • Layer 3/4 addressing
  • OSI Model
  • Subnetting and NAT
  • Proxies and Tunneling
• Web Application Basics
  • Client Server Architecture
  • HTTP and HTTPS (SSL)
  • Request Response Protocol
  • HTTP headers
  • Status Codes and Errors
  • URL Concepts
• Programming (YES!)
  • Basic Paradigms (if-else/loops/data types/functions/files)
  • Ability to read and modify code
  • Basics of Python
  • Exception and Error Handling
• Cryptography
  • Encryption/Decryption
  • Hashing algorithms (MD5/SHA)
  • Encoding/Decoding
  • Public Key Infrastructure
  • Crypto Applications: SSH/VPN/NTLM
PRACTICE LABS
• TJNull NetSecFocus (do them all)
• VulnHub, no?
• Proving Grounds (Play and Practice)
• Buy the subscription (worth it)
• Hack The Box
• THM Offensive Pentesting
• Stuck, need walkthroughs?
• Videos
  • IppSec
  • S1REN
  • HackerSploit
• Articles
  • Hacking Articles
  • 0xdf
  • Infosec Writeups
START THE PWK!
• Videos > PDF > PWK Labs
• PDF > Videos > PWK Labs
• Videos > PWK Labs
• Only PWK labs (not recommended)
TOOLS
Pentesting = Human Expertise + Arsenal of tools
• Scanning: nmap, wpscan, nikto
• Enumeration: smbclient, Dirbuster/gobuster, NSE
• Password Attacks: john, hashcat, hydra
• impacket

• Web Attacks: Burp Suite, nikto, netcat
• Initial Access: searchsploit, msfvenom, cewl
• Privilege Escalation: *-privesc-check, linpeas, winpeas, pspy

• General: netcat, powershell, socat
• Pivoting: Proxychains, ssh, chisel, plink
• Active Directory: crackmapexec, enum4linux, impacket toolkit, Bloodhound, mimikatz, Adpeas
NOTE MAKING
• Tools?
  • OneNote
  • CherryTree
  • KeepNote
  • Notion
• OneNote
  • Simple Interface
  • Cloud Sync
  • Free and feature-rich
  • Hierarchical Notebook structure
• Lab Notes Format
  • Recon
  • Initial Access
  • Priv Esc
  • Post Exploitation (if any)
  • Exploits Used
  • Tools Used
  • Other resources

• WATCH VIDEOS
• VIEW PDF
• FILTER AND HIGHLIGHT
• COPY CONTENT
• ADD COMMENTS

• PDF for note making
  • Initial Access
  • Priv Esc
  • Post Exploitation (if any)
  • Exploits Used
  • Tools Used
  • Other resources

• Courses:
  • YouTube Playlist
  • Pentester Academy
  • Udemy
  • TCM Active Directory
  • Bitten Tech’s Active Directory for Pentesting
• Practice
  • HTB Dante Pro Labs
  • HTB RastaLabs Pro Lab
  • THM Throwback
  • THM Attacktive Directory
  • THM Wreath
BEYOND THE COURSE
• Blogs:
  • HackTricks
  • Hacking Articles
  • Ippsec.rocks
GIVING THE EXAM
• VMWare > VirtualBox (you can use any)
• My Kali Specs:
  • 4 core CPU
  • 8 GB RAM
  • 128 MB Video Memory
• Have backups, snapshots
• Recon in parallel, focus manually
• Don’t be stuck, and don’t keep switching
• Use Official OffSec Report Template
• Just explain what you did, don’t write too much
• Put as many screenshots as possible
• Proofread 2-3 times

• Came with basic pentesting/CTF skills
• 1 year subscription
• Videos > PDF > PWK labs
• No exercises
• 1 month study, 4 months practice, 1 month note making
• HTB > PG > THM (~150 in total)
• 12 hour mock test – 3 random HTB machines
• Full day rest before exam
• Victory

• Have a Plan
• Have a Dry Run before the exam
• Practice Practice PRACTICE
• Create your own notes/cheatsheet
• Not about how to exploit, but what to exploit
• Take Breaks
• DON’T RELY ON TOOLS!
• Try Harder (but change)
• {Manual} Enumeration is the key
• Think out of the box
• Don’t underestimate or overestimate
