How I passed the OSCP in my first attempt

Passing the OSCP was one the most difficult professional tasks I’ve ever had to do. It caused a lot of stress in my life and kept me awake at night with nightmares about pinging servers. I wanted to quit more times than once.
I was concerned that I wouldn’t be good enough on test day. I was worried that I wasn’t prepared enough. Or I would panic for hours and get stuck.
But I don’t regret the experience at all. I passed. I’d like to share my preparation for the OSCP, including what worked for me, what I would change, how the lab helped and the additional cybersecurity training resources that I used. Perhaps I can save you some sleepless nights and extra grey hairs.
Pre-Game: What Do you Know?
It is important to plan ahead for the OSCP exam because time is money. OffSec bundles together the Penetration Testing with Kali course and lab access with the OSCP exam fee in one package. The package costs between $800 to $1,500 depending on whether the access is for 30, 60, or ninety days. OffSec states that the course can be done online and is self-paced. However, the clock begins to tick once you have access.
Learn how to become a security expert with SPOTO’s Cybersecurity Training
You should plan ahead before you rush to sign up for the course. Visit OffSec’s OSCP webpage first. They recommend:
You will need to have a solid understanding of TCP/IP, networking, as well as basic Linux skills. A basic understanding of Perl and Python is a plus.
Let’s simplify this: You must know networking. Linux is essential. Although programming may seem like an optional skill, it is essential.
These things can be learned on the spot during your coursework. However, it is better to get some practice before you start the OSCP course. You only have so much time before the course ends. Why not learn some new skills before the clock begins to tick?
Before you touch the OSCP practice labs you need to be proficient in networking, Linux, Bash and Perl.
Here’s how I pre-gamed OSCP.
You will need to know about networking
What are your networking skills? You don’t have to be a full-time engineer or a CCNP. However, you will need to be familiar with the basics such as subnets and ports, DNS, pings and TCP connections.
Although you might need some refresher, I felt confident in what I knew. I have been a network administrator for many years and was A+ and Network+ certified.
How I Learned Linux
However, I knew that Linux skills would be different. I wasn’t so proficient in Bash. A fantastic (and completely free!) resource was Linux Journey. Linux Journey was a great (and free!) resource. It breaks down Linux basics in very small pieces. It covers essential concepts such as permissions, file system, and processes. You’ll quickly see the similarities to Windows, but you will need to be familiar with the details if you want to use the terminal frequently.
After finishing the Linux Journey, Bandit was my next challenge. This set of exercises uses some of the knowledge that you have gained to apply it to a real VM you will SSH into. To get a password for the next level, you’ll need to complete a basic exercise. You’ll learn a lot about manipulating files, as well as some tricks like exploiting the SUID binaries or cron jobs.
Scrappy Scripting
Bash, Perl and/or Python scripting were the final prerequisites after Linux. I did some basic work with Bash and Python scripts. Bash will be covered later in the courseware. There are approximately four million Intro to Python websites. Just pick one that mentions network connections and spend a few hours on it.
You won’t be writing scripts from scratch. Just learn to follow the flow in an existing script and you will be fine.
Next: Start with Virtual Hacking Labs
It’s possible to learn scripting languages, networking, Linux, and networking if you are comfortable.

Related Posts

Drive Letters

By Val Bakh 2.4.1 Drive letters (part 1)Disk drives can be referred to using alphabet letters. Drives A and C were used commonly for floppy disk drives….

Drive Letters (Part 2)

By Val Bakh 2.4.2 Drive letters (part 2) In the first part, we covered the basics of drive letter assignment and the changes that Windows Vista has…

Activation Part 2

2.2.2 A product code in an answer file. Let’s say you have a WIM image of Windows 7 Enterprise and a Multiple Activation Key (MAK). How do…

Activation Part 1

By Val Bakh2.2 Activation 2.2.1 Volume activation Every Windows 7 installation must be activated. It is a legal requirement to ensure that the operating system is properly…

Microsoft Vista Tips and Tricks

By Val Bakh 1. Vista 1.1. Boot architecture All Windows versions that are designed for business, starting with Windows NT include built-in support to multiboot configurations. Multiple…

Multicloud Storage Service Spans AWS Microsoft Azure Nimble Storage Inc. has today launched a beta offering that claims to be the only enterprise-grade multicloud block store service for Amazon Web Services Inc. (AWS), and Microsoft Azure public cloud. The product is called Nimble Cloud Volumes, and its enterprise-grade availability as well as data services can be used to help organizations move new types enterprise apps to the cloud. Nimble Storage believes that the first wave cloud apps will be mostly content-centric, native Web and mobile apps. They lack enterprise-friendly features like data durability and data services such as snapshots, and the ability to share the same volumes with multiple hosts. The next wave of cloud applications comprises traditional transactional-centric workloads — like transactional databases — moving to the public cloud space, with stringent storage requirements. The company stated that NCV flash-based storage could provide enterprise functionality, opening up new frontiers. It also offers other benefits, such as the elimination of cloud vendor lock-in, better data reliability, and uninterrupted data access. Ajay Singh, a senior executive at AWS, stated that the NCV service delivers flash storage volumes or block storage to AWS EC2 instances and Azure Virtual machines. It offers significant advantages over native cloud block storage services such as Amazon EBS and Azure Disk Volumes. The company highlighted the following three main benefits of the new NCV service:

Data mobility between public clouds or on-premises datacenters is easy without large data egress fees. Global visibility and predictive analytics allow for information such as usage history,…