Anyone here done OSCP?
#1
What are the prerequisites and what do you recommend doing before trying to do OSCP? Anyone here an OSCP? I'm wondering because I really want to be an OSCP. I'm working on networking right now. I know I need networking and linux.

OSCP stands for offensive security certified professional. I know that I don't need to be a leet hacker to do the training but its very demanding training and I was wondering what prerequisites I am missing.

Anyone here have advice on what else to learn besides linux and networking? Is CCNA good To get the networking prerequisite?
Reply
#2
Yeah, so I'm looking at taking the OSCP during the summer. I am personally going to prep by using the book Penetration Testing - A Hands On Introduction to Hacking by Georgia Weidman, and I suggest you check this book out, too. Although, be warned that the lab environment will be annoying and tedious to setup, but work through it anyway.

Expect OSCP to take a lot of time. I was speaking to a person earlier today who said they got it after 1.5 months with 40 hours put in per week. Others take longer. Either way, we need to put a lot of hours in during training. I'd recommend reading up on publicly available reviews, a lot of people go in without pentesting experience.

Networking theory knowledge will probably help, and knowing how to navigate and modify file directories in Linux will also help. You don't need a CCNA for OSCP; CCNA is a whole different challenge that will take a few months and a lot of reading and practical configuration of routers/switches to achieve.

Random OSCP reviews/guides I've read:
https://www.alienvault.com/blogs/securit...e-the-oscp
https://tulpa-security.com/2016/09/19/pr...fsecs-pwk/
http://www.abatchy.com/2017/03/how-to-pr...koscp-noob
https://securitycafe.ro/2016/03/17/my-ex...ification/
http://niiconsulting.com/checkmate/2017/...e-to-oscp/
https://www.hackingtutorials.org/hacking...onal-oscp/

Also, you mentioned you are a student in another thread, and it seems you want to enter InfoSec professionally. To do this, you'll also need social skills. Check out this article, if you want to: https://www.alienvault.com/blogs/securit...to-another
Reply
#3
(01-19-2018, 04:08 AM)Cypher Wrote: Yeah, so I'm looking at taking the OSCP during the summer. I am personally going to prep by using the book Penetration Testing - A Hands On Introduction to Hacking by Georgia Weidman, and I suggest you check this book out, too. Although, be warned that the lab environment will be annoying and tedious to setup, but work through it anyway.

Expect OSCP to take a lot of time. I was speaking to a person earlier today who said they got it after 1.5 months with 40 hours put in per week. Others take longer. Either way, we need to put a lot of hours in during training. I'd recommend reading up on publicly available reviews, a lot of people go in without pentesting experience.

Networking theory knowledge will probably help, and knowing how to navigate and modify file directories in Linux will also help. You don't need a CCNA for OSCP; CCNA is a whole different challenge that will take a few months and a lot of reading and practical configuration of routers/switches to achieve.

Random OSCP reviews/guides I've read:
https://www.alienvault.com/blogs/securit...e-the-oscp
https://tulpa-security.com/2016/09/19/pr...fsecs-pwk/
http://www.abatchy.com/2017/03/how-to-pr...koscp-noob
https://securitycafe.ro/2016/03/17/my-ex...ification/
http://niiconsulting.com/checkmate/2017/...e-to-oscp/
https://www.hackingtutorials.org/hacking...onal-oscp/

Also, you mentioned you are a student in another thread, and it seems you want to enter InfoSec professionally. To do this, you'll also need social skills. Check out this article, if you want to: https://www.alienvault.com/blogs/securit...to-another

My first goal is to be able to make the cyber defense competition team at my school. They need a CISCO networking person at their station. They have plenty of windows and linux and I basically need to pick two of the three skills. But I picked CCNA because I thought learning the networking will both prep me for the team nect year and also help prepare me for OSCP. Obviously just CISCO by itself wouldn't be practical just for OSCP, or so I have been told. Am I wrong about all that?

I think the other thing I need is linux. Is windows necessary too for OSCP too? I know that programming knowledge helps but just to take the OSCP course, do I need it?

I have the pen testing book you mentioned but was saving it until I knew what I was doing so I wouldn't be a script kiddy while learning.
Reply
#4
(01-19-2018, 04:37 AM)fogbright Wrote:
(01-19-2018, 04:08 AM)Cypher Wrote: Yeah, so I'm looking at taking the OSCP during the summer. I am personally going to prep by using the book Penetration Testing - A Hands On Introduction to Hacking by Georgia Weidman, and I suggest you check this book out, too. Although, be warned that the lab environment will be annoying and tedious to setup, but work through it anyway.

Expect OSCP to take a lot of time. I was speaking to a person earlier today who said they got it after 1.5 months with 40 hours put in per week. Others take longer. Either way, we need to put a lot of hours in during training. I'd recommend reading up on publicly available reviews, a lot of people go in without pentesting experience.

Networking theory knowledge will probably help, and knowing how to navigate and modify file directories in Linux will also help. You don't need a CCNA for OSCP; CCNA is a whole different challenge that will take a few months and a lot of reading and practical configuration of routers/switches to achieve.

Random OSCP reviews/guides I've read:
https://www.alienvault.com/blogs/securit...e-the-oscp
https://tulpa-security.com/2016/09/19/pr...fsecs-pwk/
http://www.abatchy.com/2017/03/how-to-pr...koscp-noob
https://securitycafe.ro/2016/03/17/my-ex...ification/
http://niiconsulting.com/checkmate/2017/...e-to-oscp/
https://www.hackingtutorials.org/hacking...onal-oscp/

Also, you mentioned you are a student in another thread, and it seems you want to enter InfoSec professionally. To do this, you'll also need social skills. Check out this article, if you want to: https://www.alienvault.com/blogs/securit...to-another

My first goal is to be able to make the cyber defense competition team at my school. They need a CISCO networking person at their station. They have plenty of windows and linux and I basically need to pick two of the three skills. But I picked CCNA because I thought learning the networking will both prep me for the team nect year and also help prepare me for OSCP. Obviously just CISCO by itself wouldn't be practical just for OSCP, or so I have been told. Am I wrong about all that?

I think the other thing I need is linux. Is windows necessary too for OSCP too? I know that programming knowledge helps but just to take the OSCP course, do I need it?

I have the pen testing book you mentioned but was saving it until I knew what I was doing so I wouldn't be a script kiddy while learning.

OSCP is a practical penetration testing course with a lab environment of something like 50 labs, including various operating system environments. You'll be required to hack both Linux and Windows systems.

Programming knowledge will help for scripting.

CCENT level knowledge will help you understand how computer networking works at a high-level. However, leaning towards CCNA, it becomes more practical since you'll have to start configuring routers and switches - this isn't necessary for OSCP.

Just start the book. You're going to be a skid either way. Just own it and learn.
Reply
#5
What do I do about the cyber defense competition? It's this thing where each school who competes gets their own station. The station is comprised of cisco, linux, and windows machines. Each school's team is a blue team. Each blue team is trying to defend from a red team (a bunch of really good hackers). Everyone gets hacked but each blue team gets points for defending their station successfully. To join my school's team I need two of three skills: networking, linux, or windows. I picked networking and linux but I need a CCNA level knowledge to compete. What do I do about that?

There is only one red team though so each school doesn't get one of those. Red team is the best hackers on the West Coast hacking you.
Reply
#6
(01-19-2018, 06:12 PM)fogbright Wrote: What do I do about the cyber defense competition? It's this thing where each school who competes gets their own station. The station is comprised of cisco, linux, and windows machines. Each school's team is a blue team. Each blue team is trying to defend from a red team (a bunch of really good hackers). Everyone gets hacked but each blue team gets points for defending their station successfully. To join my school's team I need two of three skills: networking, linux, or windows. I picked networking and linux but I need a CCNA level knowledge to compete. What do I do about that?

There is only one red team though so each school doesn't get one of those. Red team is the best hackers on the West Coast hacking you.

So, you need CCNA level knowledge for this competition? Well, if that's something you need, then it looks like you better get on it. There's no magical hacks to gaining this knowledge, just hours of textbooks.

If your goal is to participate in a cyber defense program at your school, then you should evaluate what you need to do, and formulate a plan to come closer to your goals.

Right now, it sounds like OSCP and offensive security has nothing to do with your goals at school.
Reply
#7
(01-22-2018, 04:14 PM)Cypher Wrote:
(01-19-2018, 06:12 PM)fogbright Wrote: What do I do about the cyber defense competition? It's this thing where each school who competes gets their own station. The station is comprised of cisco, linux, and windows machines. Each school's team is a blue team. Each blue team is trying to defend from a red team (a bunch of really good hackers). Everyone gets hacked but each blue team gets points for defending their station successfully. To join my school's team I need two of three skills: networking, linux, or windows. I picked networking and linux but I need a CCNA level knowledge to compete. What do I do about that?

There is only one red team though so each school doesn't get one of those. Red team is the best hackers on the West Coast hacking you.

So, you need CCNA level knowledge for this competition? Well, if that's something you need, then it looks like you better get on it. There's no magical hacks to gaining this knowledge, just hours of textbooks.

If your goal is to participate in a cyber defense program at your school, then you should evaluate what you need to do, and formulate a plan to come closer to your goals.

Right now, it sounds like OSCP and offensive security has nothing to do with your goals at school.

Well, other than CCNA I have to learn one other skill and all the skills seem to have a subset of knowledge that would be required to do OSCP. CCDC is next January but I need linux essentials level skills to start using kali right?

I'm trying to kill two birds with one stone. I will also need linux skills and I heard networking and linux is the required skills to understand OSCP right?

I'm convinced I could Gaines the skills needed for CCDC by June and then the only time I practice is a couple times per week on the hands on equipment so obviously I need to do something else with that time and by then I figured I would have the knowledge needed to take the OSCP course.

The otger thing is I need two skills so I either have to learn linux or windows.

Am I wrong? Do I have the wrong idea?
Reply
#8
(01-22-2018, 07:48 PM)fogbright Wrote:
(01-22-2018, 04:14 PM)Cypher Wrote:
(01-19-2018, 06:12 PM)fogbright Wrote: What do I do about the cyber defense competition? It's this thing where each school who competes gets their own station. The station is comprised of cisco, linux, and windows machines. Each school's team is a blue team. Each blue team is trying to defend from a red team (a bunch of really good hackers). Everyone gets hacked but each blue team gets points for defending their station successfully. To join my school's team I need two of three skills: networking, linux, or windows. I picked networking and linux but I need a CCNA level knowledge to compete. What do I do about that?

There is only one red team though so each school doesn't get one of those. Red team is the best hackers on the West Coast hacking you.

So, you need CCNA level knowledge for this competition? Well, if that's something you need, then it looks like you better get on it. There's no magical hacks to gaining this knowledge, just hours of textbooks.

If your goal is to participate in a cyber defense program at your school, then you should evaluate what you need to do, and formulate a plan to come closer to your goals.

Right now, it sounds like OSCP and offensive security has nothing to do with your goals at school.

Well, other than CCNA I have to learn one other skill and all the skills seem to have a subset of knowledge that would be required to do OSCP. CCDC is next January but I need linux essentials level skills to start using kali right?

I'm trying to kill two birds with one stone. I will also need linux skills and I heard networking and linux is the required skills to understand OSCP right?

I'm convinced I could Gaines the skills needed for CCDC by June and then the only time I practice is a couple times per week on the hands on equipment so obviously I need to do something else with that time and by then I figured I would have the knowledge needed to take the OSCP course.

The otger thing is I need two skills so I either have to learn linux or windows.

Am I wrong? Do I have the wrong idea?

To be honest, it sounds like you have all these plans, but aren't actually doing them. You should really do more and talk less.

Yes, you need to understand Linux systems. Yes, you need to understand Windows systems. Yes, you should understand basic networking terminology (IPv6, IPv6, DNS, DHCP, routing, etc). Yes, you need to understand the technologies you are trying to break/secure.

The OSCP course syllabus clearly states what's covered in their book/videos: https://www.offensive-security.com/docum...h-kali.pdf

As for your school competition, it's not as important as your learning. But if it's what you want to do, then you do you. But the answers are all in front of you, and it's your responsibility to figure out how to make a plan and execute it, not us. If you need to learn something, then what do you do? You learn.
Reply
#9
(01-23-2018, 12:46 PM)Cypher Wrote: To be honest, it sounds like you have all these plans, but aren't actually doing them. You should really do more and talk less.

This. I was guilty of the same thing previously, but you really do have to just jump in and start somewhere.

Also, I didn't see it mentioned anywhere in the thread so here's another excellent PWK/OSCP link on prepping:
https://jivoi.github.io/2015/06/19/oscp-prepare/
Reply
#10
I don't want to discourage you, but the OSCP costs $800 for PWK and you have to complete it for permission to test.

It's not for beginners and I have a long way before I can take it. But I will take it and it is in my goals for the future.
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  OSCP Preparation (Links) Insider 0 3,841 04-26-2018, 06:19 AM
Last Post: Insider
  does anyone here agree with this article? QMark 2 4,172 02-15-2018, 01:02 AM
Last Post: QMark
  Anyone doing traffic monetization? what's your main revenue coming from? TommyR00t 2 5,033 03-08-2017, 04:09 PM
Last Post: Insider
  Can Anyone Help Me With Database Parsing? Database Man 7 6,817 02-06-2017, 02:21 AM
Last Post: abcand123