How To Know When You're Ready For the OSCP Exam!

passed on my first attempt last week. Most of what you said is what I did. Pwk lab was fine for about 20 boxes, then after that moved to PG practice and HTB.

labgeek

I appreciate this so much! I'm pretty new to all of this. These are great tips, and I will definitely note them down. I'm currently taking the Practical Ethical Hacking from The Cyber Mentor on YouTube, and I'm learning a lot.

After that I'm planning on just doing as many boxes as possible until I feel more confident with applying my skills in different environments. Then I'll sign up for the OSCP pen-200 and get that certificate, and hopefully it'll open up doors for me so I can start working with this stuff as a career ^_^ Sounds like great fun!

Cossaw

In my opinion, there are multiple things you can do that will help you out.

1) Know your basic commands, shortcuts and noticing the obvious. By that I mean, knowing your ports as JSON SEC mentioned. Is it normal to have anonymous login on an SMB share? Definitely not, this means that it's most probably there for a reason; however don't overthink much stick to the workflow, otherwise it's a rabbit hole. Don't confuse this with efficient enumeration tho.
2) Automating things locally / Shortcuts. An example is instead of launching a local http server using 'python3 -m http.server'; alias it!
3) Memorize or keep your VPN IP in sight. I noticed every time I need my IP for something I would run 'ifconfig tun0'. You can add a gnome shortcut to keep it in sight in the toolbar or alias it.
4) Keep in mind there are no 'crazy tricks' that are to be done. Anything you have access to right now is there to help you move on to the next stage. If there is a service that's known to be vulnerable and is vulnerable but not exploitable at the moment, then you should know that previous enumeration should have uncovered it for you, thus, enumerate more.
5) Any form of access that has been found by you like credentials will most probably be used at a later stage throughout the machine, you'll barely have 'useless' credentials.

Other than that; thanks @JSON SEC for your videos! Great tips!

retkoussa

thank you, this was helpful, i liked the idea of creating a game plan. I'm now crafting a game plan for the OSCP exam. But i would also encourage crafting a study plan also.

elisansabimana

This was a fantastic video Jason. It would be great if you could do a video on spotting the "false positives" you mentioned. Thanks

CyberCelt.

Jason ... Please tell us about more about practice exam and free material for OSCP

harir

Buddy your content is awesome and you should upload more videos. Soon you gain more subscribers then John Hammond

dhruv

I think I want a Full longer then 20 minutes video on linux file system. Explain it as better as you can. The person who really wants to become a hacker or gain knowlage will definitly watch full video.

dhruv

Hey JSON, Im extremely new to “red team” things (i only just learned about tunneling). I feel like a lot of stuff covering OSCP is under the assumption that someone has been doing exploitation for a bit. Are there any resources you recommend for getting my feet wet so I can learn the fundamentals?

tylorhillman

And always do basic enumeration manually on Linux/windows before just dropping enumeration scripts...

armandkruger

practices and common mistakes in a single video under 7 mins !!

dhaneshsivasamy

JSON - ‘How are your emotions?’
Me - 😭😭😭😭

itsmattdunn

Apart from having good knowledge of linux and networking, we give that for granted, how much would ccna and linux+ help in the OSCP?

itsfran

Are we allowed to use our notes during exam?

lIlIllll