I am a college student and planning to give OSCP on this coming may. I have done some vulbhub machines and htb active machines(Not by myself,Took help in many. ) I want to keep on furnishing myself till may so that I can clear it with ease. I have to do it in first attempt.Can’t afford second one. Could anyone help me out, plz?
Buffer Overflow - YouTube
Ippsec - YouTube
HTB / Vulnhub (Non CTF boxes, more rabbit hole boxes are better to refine enumeration techniques)
Try to avoid help as much as possible (Help = hints on boxes, etc…). The reason being is enumeration and research capabilities are probably more important than the actual exploiting of the machine. If you can refine your process/methodology or look how more experienced guys follow their own process will help you more in the long run in my opinion. This holds true while doing the OSCP lab as well.
Hope that helps.
it helps me thanks a lot @r00n
As another OSCP student here I ask: which of the active boxes actually would you recommend to prepare for the exam?
Frolic after the CTF stuff, Reel, Hawk, SecNotes. There may be others, but even CTF type boxes can help with enumeration and thinking broadly.
Could anyone tell some OSCP like machines on vulnhub other than those given personally by abatchy…
I think those are the better ones to do, then doing multilidae on a vm
I’d say pretty much anything in the green on HTB should be good practice. Once you do those, then try to focus on the Windows machines. I found the OSCP lab lacking a bit in Windows privesc practice. If you get those then go for the yellows. Generally you can tell pretty quick once you start enumeration if it’s a CTF box or not. I can’t speak to Vulnhub I haven’t attempted those yet.
I think there was one machine on here with a Linux buffer overflow privesc, but can’t think of the name. You can try that one if you’d like a little extra BOF practice. Generally doing the OSCP BOF exercises several times should get your process down enough for the exam. Or you could also check out for a little extra :GitHub - justinsteven/dostackbufferoverflowgood
you can see Abatchy OSCP like machines blog. google these words.
The following tale or forum has lot of reviews about oscp that helps