OSCP - Tips for Beginners!
On 9th August 2020, I received a confirmation mail from Offensive Security that I successfully clear my exam and I am now an OSCP!
After posting this on Linkedin, I got tons of messages from people asking me about tips and what are my thoughts on OSCP exam. So, in this post I'll be sharing my notes as well as few important takeaways which I feel it will help every beginner just like me! 😄
Tips #1:
Always read more writeups! I know, it's a common suggestion that every other OSCP will give but believe me it will work!.
Tip #2:
Follow the legendary Ippsec. On his Youtube channel you will get to learn a lot of techniques. Only watching his video won't help, so make proper notes.
Tip #3:
Practice, Practice and Practice!
OSCP labs + HTB + Vulnhub would be enough.
(I also bought HTB VIP subscription just to practice more on retired boxes)
Tip #4:
Before my exam, I watched John Hammond's video and he gave one very useful advice.
"Try harder mantra won't work every time, so take a break, refresh your mind and then again Try harder!"
As exam is for 24 hours so it's very important to take breaks frequently otherwise you will get exhausted.
Tip #5:
Confused when it come's to Buffer Overflow? Well, follow Cyber Mentor's BoF series and I guarantee you that it's one of the best tutorials for BoF!
Tip #6:
I know Privilege Escalation is a nightmare as a beginner, the most common tools which helped me are as follows:
Tip #7:
While exploitation if you find any suspicious technique/ technology/ software/ binary. Simply use https://ippsec.rocks/ to search for. 99% of time it gave me accurate results.
Tip #8:
OSCP Exam is all about TIME MANAGEMENT, so make sure you spend enough time on the respective machine depending upon the marks allocation. If you get stuck then make a note and go ahead for another machine.
Tip #9:
During your exam, make sure you scan your target machines properly. As this scan results you are going to refer for next 24 hours so make sure they are perfect.
Tip #10:
After compromising your target, it is very important that you collect necessary evidences like taking POC of local.txt, proof.txt etc.
Tip #11:
Reporting is very important part, as it reflects how exactly you compromised your target so make sure you have all the necessary POCs and use a nice template. I'll recommend use following one:
Tip #12:
Last but not least, if you fail in your 1st attempt don't feel demotivated. OSCP is just an exam, it's not like an end of the world. So chill and introspect yourself and identify where things got wrong.
I hope so this tips will help you guys for your OSCP journey. If you like this post share it with your friends!
Happy Hacking 😊
nice
ReplyDeletethanks sir
helped me a lot