This is the official start of my OSCP journey, up to this point I have a solid background within IT, currently working in a more senior application & network support team. I’m currently driving the focus on IT and system security and have implemented various blue team defence strategies. I have been working within the scope of a senior technical analyst for at least 10 years and nothing scares me. I know Microsoft products inside out, a good foundational knowlesge of Linux, I have seen bad implementations, I have seen systems that remain working after not being maintained for 20+ years. I have seen systems that look very secure on paper and managed to find critical vulnerabilities within hours.
So, let’s get something straight, before contemplating the start of your OSCP Journey you really do need to have a solid core within IT otherwise some of the principals and techniques you will not understand.
Your core understanding should cover in some detail, Operating Systems, Active Directory, DNS, Networking, Protocols, Best Practices, Bad Practices, Authentication, OSI Model, day to day running of systems, Web Servers, File Servers, Other Application Servers.
On top of this you should at least be able to read an modify scripts, programs written in a variety of languages such as Python, PHP, C#. It would be useful to know how to compile applications, how to perform simple reverse engineering and you shouldn’t be afraid of getting dirty.
So far I have completed about a dozen boxes ranging from easy to medium on Hack The Box and my game plan is as follows.
- Root the boxes below, this should give me further experience on what to expect when it comes to taking the OSCP. Even though the machines have been retired I will try to avoid any existing walk-throughs. I will be creating my own walk-throughs and putting them on this sit so that you can follow. Once I have obtained root and completed my notes I’ll read up on the walk-throughs provided by others to compare how I did.
- Purchase 2 month PWK course, complete the reading material examples within 3 weeks. Root as many of the VMs as possible with the remainder of the time.
- Book the exam. Pass the exam.
| VM Name | Operating System | Difficulty |
| Lame | Linux | OSCP Like |
| Brainfuck | Linux | OSCP Like |
| shocker | Linux | OSCP Like |
| bashed | Linux | OSCP Like |
| nibbles | Linux | OSCP Like |
| beep | Linux | OSCP Like |
| cronos | Linux | OSCP Like |
| nineveh | Linux | OSCP Like |
| sense | Linux | OSCP Like |
| solidstate | Linux | OSCP Like |
| kotarak | Linux | OSCP Like |
| node | Linux | OSCP Like |
| poison | Linux | OSCP Like |
| Sunday | Linux | OSCP Like |
| tartarsauce | Linux | OSCP Like |
| irked | Linux | OSCP Like |
| fiendzone | Linux | OSCP Like |
| Legacy | Windows | OSCP Like |
| Blue | Windows | OSCP Like |
| Devel | Windows | OSCP Like |
| Optimum | Windows | OSCP Like |
| Bastard | Windows | OSCP Like |
| Granny | Windows | OSCP Like |
| Artic | Windows | OSCP Like |
| Grandpa | Windows | OSCP Like |
| Silo | Windows | OSCP Like |
| Bounty | Windows | OSCP Like |
| Jerry | Windows | OSCP Like |
| Conceal | Windows | OSCP Like |
| Jeeves | Windows | More difficult |
| Bart | Windows | More difficult |
| tally | Windows | More difficult |
| Active | Windows | More difficult |
| jail | Linux | More difficult |
| falafel | Linux | More difficult |
| Devops | Linux | More difficult |
| Hawk | Linux | More difficult |
| Netmon | Windows | More difficult |
| Lightweight | Linux | More difficult |
| La Casa De Papel | Linux | More difficult |
Let’s Get Root! First stop, Lame!
