OSCP PREP: Week 0

To catch up and see where my starting point is coming into this OSCP prep, take a look at the blog post “The Road So Far.”

As I started taking a look at the OSCP course materials, making my way through 4 modules so far, and a bit at the FAQ for the exam, I think I’m going to be taking a somewhat alternate route for this exam prep.

While I don’t want to discredit the work that OffSec put into the OSCP course (and from what I’ve heard, it used to be way worse), it isn’t nearly as good or thorough as Hack the Box. And I will qualify that by saying I get their methodology, which is to give you a little, force you into doing some research for the module questions, and learn that way, but I felt like the material and course content from INE and Hack the Box were way more thorough and had me feeling confident. One’s ability to Google things can be conquered quicker, I think, than one’s ability to engage with SMTP, SMB, or some other protocol.

With that being said, I’ve recently gotten 100% on the Hack the Box Pen Tester Path (I plan on taking their CPTS sometime down the road). Most of the course content is identical between the two with Hack the Box offering a more thorough experience.

As many of you may know, OffSec offers a bonus of 10 points awarded if you complete the in-course modules (at least 80% completion for each chapter). While 10 bonus points sounds wonderful, the process of spinning up lab environments over and over for tasks that I’m already well-practiced in from the eJPT, eWPT, eCPPT, and Hack the Box Path is extremely tedious (and a bit of a waste of time).

In Googling about preparation for the OSCP, I kept coming across the list from TJNull, which comprises a list of boxes that are good prep for the OSCP and includes two sections from OffSec (Practice Grounds and Play), a section of boxes from Hack the Box, and a section from Vulnlab. In total, it’s about 100 boxes to hack into.

Interestingly, OffSec even published an article on their website which lists the correlation between boxes completed prior to taking the OSCP and pass rates:

Source: OffSec


Given the repeat material and clear correlation between boxes cracked and pass rates, this prep is going to be extremely practical for me.

I’ve taken the time to color code TJNull’s list to highlight easy boxes, medium boxes, and hard boxes from all three (blue = easy, yellow = medium, red = hard).

Before taking the OSCP, my goal is to take on every box on that list, putting 100 under my belt before I sit for the exam. I plan on doing writeups for the boxes I crack as well. In doing so, I really want to hammer out the lessons learned from each box instead of just a “this is what I did.” In that respect, I do agree with OffSec. If you just look up solutions and don’t apply hours of frustration and truly test your ability to think critically, you’re not going to develop the skills to solve a pen testing problem when there is no solution.

It reminds me very much of when I was learning French. I remember trying to say the word boat, but I hadn’t come across that word yet in my studying. The only words I did know were house and ocean. So when I was doing my practical speaking, I had asked my teacher, “What do you call a house on the water?” And from that day on, I’ll never forget the word bateau.

I’ll be posting weekly updates as we prep to take on the OSCP and hopefully take it down in one go.
