💎
kashz-jewels
  • kashz jewels
  • about kashz
  • oscp exam review
  • pnpt exam review
  • certification exam
  • c2 frameworks
  • kashz-kali
  • OS-LINUX
    • basic
    • linux-enumeration
      • enumeration auto
      • enumeration manual
    • linux-privilege-escalation
      • socat shells
      • sudo su styles
      • dirtyc0w
  • OS-WINDOWS
    • basic
    • windows-enumeration
      • enumeration auto
      • enumeration manual
      • enumeration tools
    • windows-privilege-escalation
      • privesc tools
      • steal NTLM creds
      • socat shells
      • beef browser exploitation
    • windows-post-exploitation
      • dump SAM SYSTEM
      • RDP tools
    • windows-bypass-uac
      • fodhelper
    • windows meterpreter
  • SHELLCODES
    • shells
    • windows shells
  • ACTIVE-DIRECTORY
    • active directory 101
    • kerberos 101
    • asrep roasting
    • kerberoasting
    • powerview.ps1
    • ad module
    • bloodhound
    • golden silver passing ticket
    • group policy management
    • dcsync
    • kerberos backdoor
    • mitm6
    • smb relay ntlmrelayx
    • responder
    • zero logon exploit
    • untested tools
  • OSINT
    • osint
  • BUFFER OVERFLOW GUIDE
    • exploit.py
    • fuzzer.py
    • methodology
  • HASH-n-CRACK
    • crackmapexec
    • hash identifier
    • hashcat
    • hydra
    • john the ripper
    • medusa
    • ncrack
    • rsa
  • TRICKS
    • .mdb file
    • 403 forbidden waf bypass
    • archive, unarchive
    • asp.net server
    • awscli
    • bash scripting
    • bypass bash restrictions
    • curl
    • ffuf wfuzz feroxbuster gobuster
    • file modification
    • git commands
    • git repo analysis
    • http request smuggling
    • json web token (jwt)
    • kali exploit compilation
    • kali multi-network adapters
    • local discovery
    • login bypass
    • magic bytes
    • nmap
    • office document analysis and exploitation
    • openvpn
    • pgp gpg cheatsheet
    • php wrappers, LFI
    • port forwarding
    • port knocking
    • post upload file
    • share files
    • ssh tunnel
    • subnet scan
    • ssh
    • wget
    • wifi
    • windows AppLocker bypass
    • wordlists
    • xss steal cookie
  • PROTOCOLS
    • dns :53
    • epmd :4369
    • ftp :21
    • ident :113
    • imap :143 :993
    • ipsec ike-vpn :500/udp
    • irc
    • ldap :389 :636 :3268 :3269
    • rpc
    • smb :135 :139 :445
    • smtp :25
    • subversion svn :3690
    • tftp :69
  • ATTACKS
    • .hta exploit
    • network scripts
    • print nightmare
    • ssrf
    • xml external entity XXE
  • CHEATSHEET
    • docker
    • drupal
    • gitlab rails
    • impacket guide
    • itemir/apache2fa
    • jenkins
    • jinja2 flask template injection
    • mimikatz
    • powershell
    • redis
    • sqli oracle odat
    • sqli basic
    • sqli influxql
    • sqli mongo
    • sqli ms-sql
    • sqli mysql
    • sqli oracle-sql
    • sqli postgres-sql
    • telnet
    • webdav
    • wordpress
  • SERVICES
    • achat
    • adminLTE
    • adminer.php
    • comment system
    • amanda
    • apache
    • apache exploits
    • apphp microblog
    • arj
    • azure cloud
    • b2evolution
    • bigtree cms
    • bludit cms
    • booked scheduler
    • cacti
    • centreon
    • chef knife
    • cloudMe
    • cms made simple
    • cmsmini
    • coldfusion
    • corehttp
    • cs cart
    • cse online bookstore
    • cuppa cms
    • cutenews cms
    • distccd (DistCC Daemon)
    • docker
    • dolphin2 cms
    • dosbox
    • drupal
    • elastic freepbx
    • elasticsearch kibana
    • epmd
    • exim
    • fail2ban
    • ftp exploits
    • fudforum
    • gitlab community edition
    • gunicorn
    • gym management system
    • h2 database
    • hp power manager
    • iis
    • james remote admin tool
    • jenkins exploits
    • katris
    • koken cms
    • ladon framework
    • laravel
    • lxd
    • magento
    • manage engine applications manager
    • manage engine service desk plus
    • mantis bugtracker
    • monstra cms
    • msfvenom apk
    • mysql exploit
    • nagios xi
    • network video monitoring system
    • nextcloud
    • nginx
    • nodebb
    • nostromo
    • nsclient
    • nsupdate
    • openNetAdmin ona
    • opendocman
    • openemr
    • opensmtpd
    • osclass
    • orient-db-server
    • otrs open ticket request system
    • ovidentia
    • pfsense
    • php file vault
    • php powerbrowse
    • php
    • phpliteadmin
    • phpmyadmin
    • phreebooks bizuno
    • plantronics hub
    • postfix smtp
    • postgres
    • python2 python3
    • quick cms
    • rabbitmq
    • raspAP
    • rconfig management
    • redis exploits
    • rejetto httpfileserver
    • remote-mouse
    • responsive filemanager
    • saltstack
    • sendmail
    • simple php photo gallery
    • small crm
    • smartermail
    • smartstore.net
    • smb exploits
    • sonatype nexus
    • splunk universal forwarder
    • ssh exploits
    • strapi cms
    • subrion cms
    • sudo
    • teamviewer
    • tmux
    • tomcat
    • umbraco
    • unifi video
    • unreal irc
    • usbcreator
    • vtiger crm
    • webcalendar
    • webmin :10000
    • werkzeug httpd
    • windows UsoSvc service
    • windows exploits
    • windows iot core
    • windows token exploits
    • wise care 365, wisebootassistant
    • wordpress plugin exploits
    • xampp
    • yaml
    • yum
    • zabbix
    • zenphoto cms
    • zookeeper exhibitor
Powered by GitBook
On this page

Was this helpful?

oscp exam review

Previousabout kashzNextpnpt exam review

Last updated 1 year ago

Was this helpful?

Exam date: 10/30/2021 (Passed)

NOTE: this review is not as per the new 2021 OSCP exam changes.

Post Exam Review

This post talks about my approach and maybe if it helps any of you!. I did consolidate my notes and shared it down if it helps.

I did meet amazing friends throughout this journey who have helped me a lot - giving tips on improvement, shortcuts; nudges on box rather than directly answers; quick and faster ways to do stuff etc.

My Template Repo:

My Background: Been working as DevSecOps Engineer (not penetration testing) for 3 years.

My Approach:

Started "seriously" in Feb 2021 with TryHackMe. I went through the Beginner and Offensive Pentesting course (did skim through Active Directory as well as PWK labs have AD boxes and it really helps in the PWK Labs). Spent a month in it, took notes and was building my methodology for enumeration and privilege escalation.

I purchased Tib3rius Linux & Windows PE course and was a good crash course on Privilege Escalation.

By end of March, I completed 15+ TJ Nulls OSCP boxes list and I was getting confident with my process.

I also started doing "active" HackTheBox and I really feel that helped me.

Personal Note: Based on my experience, I feel doing the active HTB boxes (easy & medium) really helped me as I wouldn't see walk-through on Google Search first page or anything and really had to understand and try attacking every possible attack vector I could find. Yeah! it was hard but that helped me to "TryHarder!".

I purchased the OSCP with 30 days of Lab Access but then realized that I'd definitely need the 90 days one. I contacted Offsec and they made me pay the differential but then gave me a voucher which I can redeem for the 60 days - WHICH REALLY HELPED as I could get 30 days then evaluate my progress, do other stuff and then redeem the 60 days at a later stage opposed to the continuous 90 days lab access.

My 1 month of PWK labs started in May, and I started really slow but by mid-month, I was able to amp up my speed in doing boxes, and I was able to complete 30 boxes in 30 days of the Lab access.

I joined Proving Grounds around mid-July and really put in the time and in a month, I had all easy, medium boxes in PG Practice done. For some, I did see the walk-through as I was stuck, but most of them I was able to identify the attack vector and root it. - I REALLY recommend the PG boxes. They are "REALLY" good practice.

I subscribed to VirtualHackingLabs for a month, but only used it for a week. I did all the Advanced+ boxes in 5 days and got the VirtualHackingLabs Advanced+ Certification. The boxes were good, but I feel what helped me most was the Report Writing for the Certification - I got practice and made a template for Reporting (shared down).

While doing PG, VHL - I did complete any easy HTB box that was active.

Personal accomplishment - I ranked #44 to pwn the "DRIVER" HTB box.

I did get burnt out and took a month break from this and that really helped.

I re-activated my PWK labs access in September End, and learn about pivoting and double pivot (the PWK labs subnet). I completed all machines the Dev, IT department.

    I scheduled my exam for Halloween 2021.

Two ways to pass:

  1. 25+20+25

  2. 25+20+20+10

I was going to attack the BOF first, then move to any of the 20 pt which I felt was easier based on the scans and depending on that go for the 25 pt or the other 20 pt and 10 pt.

Two days before the exam, I really relaxed myself and just read all the boxes I had done, just to review and update my notes.

NOTE: The 24-hour exam is really STRESSFUL. Do get in the break and calm yourself before it begins.

I had issues with sharing my 3 screens and that took over an hour. IMPORTANT TIP: Download PortableChrome and run it using that - I had issues with Brave, Edge, Firefox. The proctors were really chill, and I did get the 1-hour time extended for the exam.

Exam started at 1pm, I scored the needed 70 points by midnight. By end of the exam, I was at 90 points.

Reach out on discord for any help!

https://github.com/iamkashz/reporting-template