Hi there. If you are reading this, you are most likely thinking about preparing for and passing the OSCP exam.
Why OSCP? It’s a well-known and highly respected cybersecurity certification. The OSCP exam consists of 24 hours of proctored, challenging hacking and 24 hours of detailed report writing, with a step-by-step explanation of how you managed to get full access to the target. Your steps should be 100% reproducible.
My experience. During my OSCP preparation, I did up to 120 different boxes on various platforms (HTB, Proving Grounds, VulnHub, etc.) and completed different courses/challenges aimed at specific tasks (Buffer Overflow, Privilege Escalation, etc.). As a result, I managed to get root/administrator privileges on 4 of the 5 boxes and only a low-privilege user on the last, medium box, which is equivalent to 90 points out of 100.
Before starting the PWK course, I highly recommend completing at least the following:
- “ATTACKING COMMON SERVICES” on HTB Academy
- “FILE TRANSFERS” on HTB Academy
- “SQL Injection Fundamentals” on HTB Academy
- “File Inclusion / Directory Traversal” on HTB Academy
- “Linux Privilege Escalation” on HTB Academy
- “Windows Privilege Escalation” on HTB Academy
- Watch all videos from this playlist: https://www.youtube.com/playlist?list=PLfJAeKyc5Q4jznIAC1mthGD9ZRiBsa0UF
- Solve at least 20 boxes from TJ Null’s OSCP list on HTB
- Solve at least 20 boxes on Proving Grounds
- Linux Privilege Escalation THM: https://tryhackme.com/room/linuxprivesc
- Windows Privilege Escalation THM: https://tryhackme.com/room/windows10privesc
- Buffer Overflow Prep THM: https://tryhackme.com/room/bufferoverflowprep
In the PWK course, I recommend doing at least 30 boxes. It gives you roughly 50% of your success.
Good luck, do not give up, and try harder!