Advice before starting OSCP

Hi folks,
I have already registered for the OSCP course with 3 months of lab time. It starts for me in exactly 19 days. For about one year I have been trying to learn from free courses including Cybrary, CEH materials, root-me.org, VulnHub, Hack The Box and others… Any advice on what to do during these 19 days before starting OSCP will be appreciated.

Look forward to it :) I had a month of lab time and enjoyed it. Exam later this year.

From the prep you mention above I think you’re perfectly fine

Thanks bro. Will do my best on labs and exam.

I’m in the exact same place as you in regards to a year’s worth of prep etc. and am looking to book some lab time before Xmas and then the exam hopefully early next year. Good luck mate, enjoy it.

All the best, bro… make sure you read the OSCP experiences of others to get a better view of what to do and what not to do. I think you will do just fine, man.

First, I’m a developer, not a security/pen-tester professional. Keep that in mind as you read my comments on PWK/OSCP. I earned my OSCP back in 2015, but only recently started doing some pen-testing again (THANKS HTB!). As you’re on HTB and have likely researched other vulnerable VMs such as vulnhub.com, metasploitable, …, etc., you’re well on your way. I suspect you’ll do very well. Check out the PWK syllabus here https://www.offensive-security.com/documentation/penetration-testing-with-kali.pdf if you want to brush up on something before you start the course. I found this blog by g0tmi1k informative as well: Pentesting With BackTrack (PWB) + Offensive Security Certified Professional (OSCP) - g0tmi1k. Here are some thoughts I hope you and others find useful.

The course materials include a course manual (PDF) and videos. They cover the same material, but sometimes differ. I recommend moving through both at the same time. Watch a video and then read the corresponding chapter/section. Make note of commands and parameters used in both as they sometimes differ.

The course and exam are all about being hands on. The exam is not something for which you study. So practice in the lab as much as you can. I highly recommend having owned most/all of the lab before attempting the exam. I read some advising working through the whole course before starting the lab. Personally, I don’t recommend this. Start practicing in the lab what you’re learning in the course ASAP. And take frequent snapshots of your VM to avoid losing work in case something bad happens.

Plan on anywhere from 20-30 hours/week working through the course and in the lab. You may find you don’t need this much time, but better to plan for it and not need it, IMO.

Unlike HTB, some OffSec lab hosts have relationships with other hosts. Owning a host doesn’t mean you’re done. Some hosts have information you need to get other hosts. You may have to use a host to exploit another host. Some hosts are gateways you need to use to pivot into another subnet. Also, avoid using Metasploit to own hosts. Use of Metasploit on the exam is restricted.

Do the lab exercises in the course and document them as you go along. You’ll get extra credit on the exam for including these in your exam pen-test report. Also include the hosts you owned in the lab as part of your pen-test report for more extra credit. Start documenting your results early and often. My pen-test report for the exam, which included the lab exercises, lab hosts owned and exam hosts owned, was ~400 pages. You don’t want to be trying to put this all together during the 24-hour period you’re given to write your exam penetration test report.

Good luck, I think you’ll do very well.

Thank you very much for this kind of response. All the words in your comment are so important. Actually, I am working as an information security administrator and have more than 3 years of experience. To be honest, for about 1 year I have been doing my best on vulnerable machines. And now I am comfortable working on all the machines except some of them which need more time for enumeration and more experience. I was thinking that 3 months of lab + the PWK course will be enough to clear the exam without working on any CTF, VulnHub or other VMs. What do you think about it? Is doing everything during the course enough, or is some preparation needed? You have already passed it and can answer this question, and it will be useful for everyone who plans to take the course :)

@yolchuyev, given the number of boxes you’ve owned on HTB + 1yr working on vulnerable machines, I think it’s enough. IMO, the point of the PWK course and the lab is to teach the student that they’ve only touched on the ‘tip of the iceberg’ of hacking. The course teaches the hacking fundamentals. It’s not going to teach every exploit needed to crack every machine in the lab. Owning the lab means doing lots of research and enumeration, just like HTB.

Personally, I think you’re more than ready. The best gauge for the exam is your progress in the practice lab. OffSec recommends owning most of the main (student) lab apart from 2-3 difficult machines. Keep in mind, that’s OffSec’s minimum requirement.

If you haven’t already, you may find it helpful to write out the steps for owning each HTB. Note the remote and local exploits used against the versions of apps and OSes. Although it’s been over 2 years since I’ve done any pen-testing, I still recognize some exploits from the PWK lab while doing HTB.

I failed miserably on my first exam because I paid too much attention to the course and not the lab. I was a C/C++ developer with no prior hacking/pen-test experience. After failing and taking a break, I decided to commit myself to conquering the lab and trying the exam again. In the end, persevere and don’t be afraid to fail.

OSCP is the whole reason I came to HTB in the first place. To get ready for them… But just getting in here, I see I have a long way to go… I’m so glad I came here first honestly!!! I know I’ll learn a lot from the folks around here in the forums.

Other than what everyone else has said which I agree with, I will add that you should do the exercises first!! No matter what!

I know you’re going to want to jump in and start breaking boxes, but it’ll set you up to do much better in the labs themselves, and you’ll have a nice lab writeup so you don’t have to worry about writing it at the end for those extra 5 points.

For those who already have the OSCP: how would you rate the difficulty of the machines that you can find during the exam, compared to an “average” machine here on HTB?

So I took my OSCP exam and failed by 10 points :( a few weeks back.

So I have the exam booked again in a month…

HTB and OSCP are similar but not the same… the HTB machines are more CTF/puzzle than the OSCP, which is more misconfiguration/exploit.

HTB I am using to “keep my hand in”. Saying that, I have definitely learned some new techniques from using HTB…

One of the machines in here… actually had the same exploit as one in my OSCP exam ;)

@halfluke said:
For those who already have the OSCP: how would you rate the difficulty of the machines that you can find during the exam, compared to an “average” machine here on HTB?

HTB machines are definitely harder.

That’s in some way comforting, although 5 machines in less than 24 hours is not an easy task.

From my point of view, I find HTB machines more difficult in general. I totally agree with RPSUK about new techniques here and also that there are identical exploits here and in OSCP. I definitely suggest the 90 days of OSCP training and the exploitation of ALL machines in ALL networks provided. What I didn’t like in OSCP is that there are many machines with old Windows versions in the public network, which hosts the huge majority of the machines, which on the other hand is not the case in the exam. This is why I suggest the full OSCP training, so as to exploit all the networks and deal with newer Windows versions. Moreover, I totally agree with Booj about the exercises. They should all be done in the beginning. I was keeping detailed notes not only for the exercises but for every machine as well, and provided a lab report in the end. I found it very, very useful, not only for the 5 points but even more for my own reference. If someone wants to write a lab report, it is important to have it completed before the exam. In HTB, what I would find very helpful is to have more Windows boxes and also vulnerabilities using other protocols (SMTP, SMB, FTP), since the majority are over HTTP.