Summary of "OSCP Guide – Full Free Course"

Summary of OSCP Guide – Full Free Course

Overview

The video series is created by Leonardo Damiano, who shares his experience and guidance on preparing for the OSCP (Offensive Security Certified Professional) certification. The content covers his study journey, exam experience, and detailed technical knowledge required for the certification, including practical tips, methodologies, and important concepts.

Main Ideas and Lessons

1. Introduction and Personal Experience

• Leonardo has a prior Italian channel but starts an English channel focused on computer science, programming, and especially cybersecurity.
• He obtained OSCP certification on August 20, 2023.
• He wrote a comprehensive blog post breaking down OSCP preparation into three parts:
  • Prerequisites: What knowledge you should already have.
  • Material: What the OSCP course covers.
  • Expectations: What skills the exam tests.
• He bought a 3-month lab plan for preparation but had 2-3 years of prior penetration testing experience, especially with Linux and web exploitation.
• Suggests beginners should start with hands-on practice on CTF platforms before attempting OSCP.

2. OSCP Lab and Challenge Labs

• OSCP labs are divided into Challenge Labs and Modules/Exercises.
• Challenge Labs simulate exam-like environments with multiple machines connected in a network.
• Two types of Challenge Labs:
  • Type 1 (medtech, relia, skylark): 10-20 machines, progressively difficult.
  • Type 2 (a, b, c): 6 targets split into 3 Active Directory (Windows) and 3 independent (Linux or Windows), closely resembling the exam structure.
• Recommended to complete medtech and relia fully, and all three Type 2 labs.
• Suggests saving the last labs for full exam simulation to practice time and energy management.
• Time management is crucial during the 24-hour exam window.

3. Exam Experience and Tips

• Exam is proctored via webcam and screen sharing.
• Leonardo started with Active Directory machines, took notes meticulously, and took breaks to manage energy.
• Bonus points are awarded for completing 80% of exercises in each module, easing exam pressure.
• He emphasizes the importance of thorough note-taking, screenshots, and methodical work to facilitate report writing.
• Report writing is time-consuming and requires connecting the dots between vulnerabilities and exploitation steps.
• Final report submission is critical; missing screenshots or steps can cause failure.
• Passing requires understanding what the exam tests and preparing accordingly.

4. General Preparation Tips

• Invest a lot of time: OSCP preparation demands significant time investment.
• Pay close attention to course material: The official course material is detailed and covers most exam content.
• Practice extensively: Practical experience is essential.
• Create your own cheat sheets: Writing your own notes is a study method itself.
• Be methodical: Document every command, output, and step.
• Understand the scope of the exam: OSCP tests foundational skills, not advanced topics like antivirus evasion.
• Use community resources: Discord and forums can help when stuck.

5. Prerequisites for OSCP

• Solid understanding of TCP/IP networking.
• Reasonable experience with Windows and Linux administration.
• Familiarity with basic scripting (Bash, Python).
• Recommended 1-2 years of practical CTF or penetration testing experience.
• Practical knowledge is more important than theoretical understanding.
• Beginners should not rush into OSCP without hands-on experience.

6. Example Scenarios to Gauge Readiness

• Directory traversal to leak SSH keys and gain access.
• Privilege escalation through path injection in SUID binaries.
• Active Directory attacks like Kerberos credential harvesting and Kerberoasting.
• If these scenarios are unclear, more preparation is needed.

7. Practical Walkthrough: Active Box Machine "B"

• Demonstrates connecting to VPN with OpenVPN.
• Uses nmap for port scanning and service enumeration.
• Enumerates web server directories using gobuster.
• Finds a PHP web shell and upgrades it to a reverse shell.
• Explains privilege escalation via sudo permissions and cron jobs.
• Introduces the tool pspy for monitoring processes without root.
• Shows how to exploit cron jobs to get root shell.

8. Web Application Security (Pen-200 Course Material)

• Basic knowledge of TCP/IP, HTTP, UDP, and other protocols is assumed.
• Focus on common web vulnerabilities:
  • SQL Injection (with simple payloads).
  • Directory Traversal.
  • Local File Inclusion (LFI) vs Directory Traversal differences.
  • Remote File Inclusion (RFI).
  • File upload vulnerabilities.
  • OS Command Injection.
  • Cross

Category

Educational

Share this summary

Share on X/Twitter Share on Facebook Share on LinkedIn Share on Reddit Share on WhatsApp Share on Telegram

Video