My Journey to OSCP

Summary

It’s been an incredible journey.

Initially, my goals were modest. I just wanted to earn my Security+ certification before graduating. Once I achieved that, I set my sights on the OSCP. After months of hard work, I was able to earn that as well. While I am now satisfied with my credentials, I have not given up my pursuit of knowledge. Below is the plan that I created at the beginning of 2021, which I have since expanded upon. While I was not able to complete everything on the list due to time constraints, I am happy to say that I scored 90 out of 100 points. Earning these points was not easy – I spent 22 hours on the penetration test and 16 hours writing the report, all within a 48-hour span. It was a challenging experience, with caffeine and my desire for sleep constantly at odds. However, less than two days later, I received my passing result. I am grateful to have received my results just before DEF CON 30.

I hope this summary and/or the following plan inspires you as well.

Plan

1. A+ Certification (EARNED Jun 11 2021)
   1. Professor Messer A+ 220-1001
   2. Professor Messer A+ 220-1002
   3. ExamCompass A+ Practice Questions
2. Network+ Certification (EARNED Jan 14 2022)
   1. Professor Messer Network+ N10-008
   2. ExamCompass Network+ Practice Questions
3. Security+ Certification (EARNED Feb 04 2022)
   1. Professor Messer Security+ SY0-601 (24 hours)
   2. ExamCompass Security+ Practice Questions
4. OSCP Certification (EARNED Aug 07 2022)
   1. MSST Cyber Club Involvement
   2. HackerSploit Pentesting Bootcamp (38 hours)
   3. Kali Linux Revealed PDF (346 pages)
   4. Read the MITRE ATT&CK/OWASP/OSSTMM frameworks
   5. TryHackMe Complete Beginner Path (64 hours)
   6. TryHackMe Offensive Pentesting Path (47 hours)
   7. TryHackMe Throwback Pro Lab
   8. PWK200 course
      1. Read PDF workbook (850 pages)
      2. Watch videos if helpful (18 hours)
      3. Do PWK exercises if underprepared
      4. PWK Labs (75 boxes)
         • Don’t get caught up with the “Big Four” or amount of boxes rooted
      5. Examine cheatsheets and example reports
   9. TheCyberMentor Windows Privilege Escalation (7 hours)
   10. TheCyberMentor Linux Privilege Escalation (6.5 hours)
   11. TheCyberMentor Buffer Overflow (1 hour)
   12. Root HackTheBox OSCP boxes (Up to 50 boxes)
   13. Root Proving Grounds OSCP boxes (Up to 50 boxes)
   14. HackTheBox Intro to Dante Track
   15. Do HackTheBox Dante Pro Lab
   16. OSCP Dry Run (24 Hours)
       1. Boxes: Vulnhub Brainpan (25), HackTheBox Jeeves (25), Chatterbox (20), Chronos (20), Sense (10)
       2. Or updated: ClamAV, Authby, Algernon, Xposedapi, BOF
       3. Or just go off King
       4. Build a report using a report template

OSCP Resources

https://johnjhacking.com/blog/the-oscp-preperation-guide-2020/ https://github.com/RustyShackleford221/OSCP-Prep https://www.reddit.com/r/oscp/comments/k7x4o1/just_passed_oscpmy_journey_and_tips/ https://www.reddit.com/r/oscp/comments/a9e2yv/from_0_to_oscp_in_90days/ https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8 https://www.netsecfocus.com/oscp/2021/05/06/The_Journey_to_Try_Harder-_TJnull-s_Preparation_Guide_for_PEN-200_PWK_OSCP_2.0.html