OSCP Exam review "2019" + Notes & Gift inside!

Type your comment> @YanTayga said:

Thanx a lot for your report!
Is the exam BOF really so simple?

It is just like the one in the PWK pdf course.

I have added above my BOF instructions and skeletal code, which goes into specific details of getting your exploit to work, making the process very easy and clear… Just follow it and you should be golden! :slight_smile:

This is a great review, thanks! I’m about to start the OSCP lab, so I’m focusing on HTB until it starts. I’m really worried about the time contrainsts, more so because of the awkwark kali vm they make you use. It normally takes me a full night to get through just dirb; so maybe nmapAutomator will help with timing. I’m going to test it out on HTB and the OSCP labs, thanks so much for posting it.

If anyone has done OSCE or OSWE, I have some questions, and would appreciate a PM :slight_smile:

The ‘nmapAutomator’ is simply 1337, thanks!

Well done and congrats :slight_smile:

Thanks for the review and the tool that’s a great contribution.
Congrats !

Thanks a lot @21y4d for your review, I’m right now training to pass the OSCP test and your information is amazing.
I hope that your tools and notes will be incredibles too.

Thank you so much mate.

Thank you for this!!

Congrats!!!

And thank you very much @21y4d a valuable contribution!

regarding the proctoring thing… does that mean we have to refrain from swearing even when we got stuck in the middle of oscp exam…? That can be a challenging thing to me… >"<

Type your comment> @xformer1337 said:

regarding the proctoring thing… does that mean we have to refrain from swearing even when we got stuck in the middle of oscp exam…? That can be a challenging thing to me… >"<

They can’t hear you, if that’s what you’re asking…

Congratulations !! This is Golden man. Thanks for the Super review about the exam and the tool. Very Informative and Helpful @21y4d .

Type your comment> @21y4d said:

Type your comment> @xformer1337 said:

regarding the proctoring thing… does that mean we have to refrain from swearing even when we got stuck in the middle of oscp exam…? That can be a challenging thing to me… >"<

They can’t hear you, if that’s what you’re asking…

This cracked me up lol.

Congratilations on passing it the first time!!! I passed in the OSCP Exam on February 20th, but I failed multiples times, I started the PWK course having a very poor hacking knowledgement, and started learning everything during the course, and from there I met HTB. HTB really helped me to keep practicing to the exam after I pwned the whole offsec labs (except the PI box) and however I think the HTB machines intend to be more CTF-like boxes than offsec, the HTB boxes are much more difficult in general. I want to go for OSCE too as soon as I feel prepared, but I started reading “The Shellcoders Handbook” as a preparation for OSCE, but I couldnt replicate most of the things the book teaches, I could never develop a shellcode to pop a calculator on windows, even after reading corelan guides, because of that I am feeling unconfident.

Hey man, congratulations on passing your OSCP.

I am looking to do OSCP soon but I feel that I am not ready to do so especially after doing some of the “easy” HTB boxes.

Should I:

  • Do more HTB boxes before going on to OSCP or
  • Do the OSCP course and exam then use HTB as a means of upkeeping my skill?

Let me know your opinion.

FYI: I am an experienced Network Engineer.

@bansheepk said:

Congratilations on passing it the first time!!! I passed in the OSCP Exam on February 20th, but I failed multiples times, I started the PWK course having a very poor hacking knowledgement, and started learning everything during the course, and from there I met HTB. HTB really helped me to keep practicing to the exam after I pwned the whole offsec labs (except the PI box) and however I think the HTB machines intend to be more CTF-like boxes than offsec, the HTB boxes are much more difficult in general. I want to go for OSCE too as soon as I feel prepared, but I started reading “The Shellcoders Handbook” as a preparation for OSCE, but I couldnt replicate most of the things the book teaches, I could never develop a shellcode to pop a calculator on windows, even after reading corelan guides, because of that I am feeling unconfident.

I suggest you check Pentester Academy, they have some very useful courses that can help you a lot in learning shellcoding from scratch.

@pingunrchable said:
Hey man, congratulations on passing your OSCP.

I am looking to do OSCP soon but I feel that I am not ready to do so especially after doing some of the “easy” HTB boxes.

Should I:

  • Do more HTB boxes before going on to OSCP or
  • Do the OSCP course and exam then use HTB as a means of upkeeping my skill?

Let me know your opinion.

FYI: I am an experienced Network Engineer.

My advice is to start with OSCP, as their machines start from a very basic level, and gradually increase in difficulty, as they’re designed to take you through the learning curve.

Also, don’t feel bad if you give HTB’s machines difficult, as they have a different purpose, and much of the time can’t be solved quickly or very easily.

Type your comment> @21y4d said:

My advice is to start with OSCP, as their machines start from a very basic level, and gradually increase in difficulty, as they’re designed to take you through the learning curve.

Also, don’t feel bad if you give HTB’s machines difficult, as they have a different purpose, and much of the time can’t be solved quickly or very easily.

Thanks for your advice!

I will book my OSCP in a couple of weeks!

WIsh me luck.

For anyone interested, I have been doing some research on both OSCE & OSWE, and here’s my general idea.

If OSCP is focused on pen testing, these two certificates are focused on exploit development and advanced attacks.

Generally, OSCE focuses on finding and crafting advanced vulnerabilities for linux and Windows. OSWE is the same but for web applicatios.

You can find the following excellent study plan for OSCE, which can help you understand what’s needed from you before registering for the course:
https://www.abatchy.com/2017/03/osce-study-plan

Personally, I have registered to Pentester Academy, and started taking their excellent courses on relevant topics.

Once I feel I’m comfortable on all topics, I will register for the OSCE course.

OSCP is not a requirement for OSCE, since it focuses on a slightly different area, though I would recommend doing it before OSCE. However, OSCP is a prerequisite for OSWE.

OSWE is still new “less than a year”, so not many topics and reviews are available on it.

I hope this helps some people :slight_smile:

@21y4d Thanks so much for this man, due to start PWK in May and this is some encouraging stuff. One thing that has bothered me on HTB is the time it usually takes me to complete a box, and with time being a big factor in the exam, I worried this might hold me back!

Admittedly when I’m doing boxes on here they don’t have my fullest attention, but it’s still something I’m worried about. Any tips on how to maybe speed up approach etc?