Cyber Security

OSCP Tips For Beginners

 

Tips #1:


Always read more writeups! I know, it’s a common suggestion that every other OSCP will give but believe me it will work!.

Tips #2:


Follow the legendary Ippsec. On his Youtube channel you will get to learn a lot of techniques. Only watching his video won’t help, so make proper notes.
Link: https://www.youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA

Tips #3:


Practice, Practice and Practice!
OSCP labs + HTB + Vulnhub would be enough.
(I also bought HTB VIP subscription just to practice more on retired boxes)

Tips #4:


Before my exam, I watched John Hammond’s video and he gave one very useful advice.
“Try harder mantra won’t work every time, so take a break, refresh your mind and then again Try harder!”
Link: https://www.youtube.com/watch?v=kdobdnQ2sGw&t=456s
As exam is for 24 hours so it’s very important to take breaks frequently otherwise you will get exhausted.

Tips #5:


Confused when it come’s to Buffer Overflow? Well, follow Cyber Mentor’s BoF series and I guarantee you that it’s one of the best tutorials for BoF!
Link: https://www.youtube.com/watch?v=qSnPayW6F7U&list=PLLKT__MCUeix3O0DPbmuaRuR_4Hxo4m3G

Tips #6:


I know Privilege Escalation is a nightmare as a beginner, the most common tools which helped me are as follows:
Windows: https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite
Linux: https://github.com/rebootuser/LinEnum

Tips #7:


While exploitation if you find any suspicious technique/ technology/ software/ binary. Simply use https://ippsec.rocks/ to search for. 99% of time it gave me accurate results.

Tips #8:


OSCP Exam is all about TIME MANAGEMENT, so make sure you spend enough time on the respective machine depending upon the marks allocation. If you get stuck then make a note and go ahead for another machine.

Tips #9:


During your exam, make sure you scan your target machines properly. As this scan results you are going to refer for next 24 hours so make sure they are perfect.

Tips #10:


After compromising your target, it is very important that you collect necessary evidences like taking POC of local.txt, proof.txt etc.

Tips #11:


Reporting is very important part, as it reflects how exactly you compromised your target so make sure you have all the necessary POCs and use a nice template. I’ll recommend use following one:
https://github.com/whoisflynn/OSCP-Exam-Report-Template

Tips #12:


Last but not least, if you fail in your 1st attempt don’t feel demotivated. OSCP is just an exam, it’s not like an end of the world. So chill and introspect yourself and identify where things got wrong.

I hope so this tips will help you guys for your OSCP journey. If you like this post share it with your friends!

Related Articles