OSCP Tools & Resources

October 26, 2019 - 4 minute read - parzel

Since I recently passed my OSCP and have read a lot of OSCP blogs in the process, I thought I would share some information and tips as well. Due to the sheer amount of existing blog posts that all cover the exam perfectly, I do not want to add another one telling you how to manage your time or structure the exam. Instead I will supply you with some resources I have used myself that might be of help for you as well. At this point I wanna say thanks to all the people contributing resources to the community in their spare time :-)

This will just be a general collection of resources and links, but if you have any questions, feel free to contact me on Twitter - I wish you good luck for your exam!

General Resources

PWK Example Report - Have a look at this one early on, so you know what is expected to be in your exam and lab report.

Same goes for the OSCP Certification Exam Guide. There are restrictions in the exam regarding tools you are allowed to use. You are only allowed to use MSF on one of the boxes in the exam. So try to read this and avoid the tools which are not allowed in the exam during your lab and practice time.

By now all exams are proctored. Check here what this means for you and check if you meet the requirements for the proctoring session. Also use Chrome in the proctoring as Firefox is really unstable.

Payloads

My go-to for basically every kind of payload by now is Payloads All The Things. It is an incredibly big and well-maintained collection of methodologies, techniques and payloads. Especially helpful is the Reverse Shell Cheat Sheet. Make sure to read and understand the Spawn TTY Shell chapter, as it will help you a lot with not losing your shells by an accidental CTRL + C.

Guides

These guides are not perfect but they help you to further solidify some information which you get in the PWK material.

Privilege Escalation

In my eyes this is the hard part of OSCP. So practice it a lot and watch videos that help you understand potential privesc vectors if you have nothing to practice on. Try to avoid Eternalblue and DirtyCow in the lab. It will not help you to learn anything and there are other privesc vectors that will help you train the general methodology more.

Linux:

Windows:

Compiling for Windows on Linux:

apt-get install mingw-w64
i686-w64-mingw32-gcc exploit.c -o privesc.exe -lws2_32

Workshops:

BOF

Practice and do the BOF in the exam. It will give you a safe 25 points.

Tools

If you want to save a lot of time during the exam, think about using some script that handles automatic enumeration for you. It will be faster and save you from forgetting that one crucial scan.

  • AutoRecon - I liked this most. Tweak it to fit your personal needs.

I did not use Kali Linux but preferred to use my normal system, which I am most comfortable working on. To have access to Kali’s repositories I used a modified Kali image with Docker. Find my Dockerfile here.

Report

While Offensive Security supplies you with a Word template, I would recommend using this one for Markdown. It saves you a lot of work regarding image resizing and fitting, and makes inserting code easier.