This was a talk presented by chazb0t at our 4/18/2018 meeting. The topic “Zero to OSCP in 292 days: or how I accidentally the whole thing.
The slide deck is available here: 4-18-2018-jeremy-chisamore-zero-to-oscp-292-days.pptx
There are no notes, as the slides do a good job of documenting everything, along with the additional resources. You can read the speaker's blog detailing their journey here:
MallardLabs.com - Chazb0t: Zero to OSCP in 292 days - Part 1
MallardLabs.com - Chazb0t: Zero to OSCP in 292 days - Part 2
Here are some resources we've collected from the slide deck, internet resources, and so on.
Link | Description |
---|---|
https://tulpa-security.com/2016/09/19/prep-guide-for-offsecs-pwk/ | Prep guide for PWK |
https://www.abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob.html | How to Prepare for the OSCP |
https://www.offensive-security.com/documentation/penetration-testing-with-kali.pdf | OSCP Documentation |
Penetration Testing: A Hands-On Introduction to Hacking | Book - Penetration Testing: A Hands-On Introduction to Hacking |
Web Application Hacker's Handbook | Book - Web Application Hacker's Handbook - 2nd Edition |
Hacking - The art of Exploitation | Book - Hacking - The art of Exploitation, 2nd Edition |
The Hacker Playbook: Practical Guide to Penetration Testing | Book - The Hacker Playbook: Practical Guide to Penetration Testing |
The Hacker Playbook 2: Practical Guide to Penetration Testing | Book - The Hacker Playbook 2: Practical Guide to Penetration Testing |
RTFM: Red Team Field Manual | Book - RTFM: Red Team Field Manual |
Blue Team Field Manual | Book - Blue Team Field Manual |
https://hackthebox.eu | Hack The Box – may be a bit painful to get through, closest thing to OSCP; free or $10/month. |
https://www.pentesterlab.com | PentesterLab - $20/month practice labs |
https://www.vulnhub.com | Downloadable Practice VMs, free |
https://github.com/codingo/Reconnoitre | Reconnoitre - tool to automate the information gathering & service enumeration - gives you 'guided' commands & explains what to run/why, does not automatically do anything. |
IppSec YT channel | Walkthrough of expired HTB machines |
_r00k_ YT channel | A good friend of Central NJ InfoSec - does walkthroughs & explains his process. Also leaves in mistakes & explains what went wrong & why. |
Liveoverflow YT channel | Hacking Channel |