honeybeehacker / Zero-To-OSCP Public

Code Issues Pull requests Actions Projects Wiki Security Insights

master

Zero-To-OSCP / Zero to OSCP.md

honeybeehacker Update Zero to OSCP.md

1 contributor

51 lines (49 sloc) 3.62 KB

Recommended Steps:
1. Programming languages: take the following language courses from
Codecademy

Link: https://www.codecademy.com/
Python - have a basic understanding
Bash/Shell – fully understand
JavaScript - have a basic understanding
SQL - have a basic understanding

2. Kali Linux: Linux distribution designed for penetration testing, comes

pre-loaded with many tools

Link: https://www.kali.org/
Install Kali on VirtualBox (VirtualBox is a free virtualization tool)
Play OverTheWire’s Intro Ware Games to become comfortable with Kali
and the command line
Link: http://overthewire.org/wargames/bandit/bandit0.html
3. Networking: networking fundamentals are an important pre-requisite to
understand.

Watch the complete Networking Playlist by Eli the Computer Guy (some
information is outdated but the fundamentals still stand)
Link: https://www.youtube.com/playlist?list=PLF360ED1082F6F2A5

4. Get your feet wet: start practicing on some free vulnerable VMs to get
some hands on understanding of hacking. Look up walkthroughs and
follow along to get started.

VulnHub: free downloadable VMs

Link: https://www.vulnhub.com/
Some recommended VMs Kioptrix1, Kioptrix 2, Kioptrix 3, Kioptrix 4,
Fristileaks, Pwnlab_init, mrRobot, Vulnix, VulnOSc2
HackTheBox
Link: https://www.hackthebox.eu/
Check out TJNull's list of OSCP-like machines:
https://docs.google.com/spreadsheets/d/1dwSMIAPIam0PuRBkCiDI
88pU3yzrqqHkDtBngUHNCw8/edit#gid=1839402159
The Offensive Security Proving Grounds (Play for free)
Link: https://www.offensive-security.com/labs/

5. eLearnSecurity PTS course and eJPT certification:

Certification Link: https://elearnsecurity.com/product/ejpt-certification/

Training Link: https://my.ine.com/path/a223968e-3a74-45ed-884d-
2d16760b8bbd
Requires INE subscription: covers the basics, introduces you to tools,
and lays the foundation for proceeding to the OSCP
Penetration Testing Student course for total beginners
Price varies from $49/month to $750/year

6. Offensive Security’s PWK and OSCP Certification:

Link: https://www.offensive-security.com/pwk-oscp/
Updated in 2020, the course includes comprehensive coursework,
videos, and access to lab environment to practice in
 You can purchase additional lab time – the lab environment is invaluable
for practicing in, gaining pentesting experience, and preparing for the
OSCP
You must pass a 24-hour exam to pass the OSCP
Price varies from $999 - $1349, plus extra for lab time extensions and
OSCP exam retakes

Useful Resources:
I compiled a list of resources I found useful during my OSCP here:
https://github.com/honeybeehacker/OSCP-
References/blob/main/Resources.md
Hacking Terms: https://www.hackterms.com/
OWASP:
The OWASP foundation is an industry-trusted community that
creates guidelines, documentation, and tools for web app security.
It’s important to understand and know the OWASP Top 10.
Security Podcasts: many exist, listen to learn about current issues and
pick up terms and jargon used in the industry:
Risky Business
Cyberwire daily
PortSwigger:
Interested in learning more web? PortSwigger provides excellent
learning materials for free!
Link: https://portswigger.net/web-security/all-materials/detailed

Next Steps:
Get involved in the information security community! Check out your local
OWASP chapter, join a bug bounty community, attend local conferences, and
connect with others. Find a discord server, join the hacker community on
twitter, network with others! The more you understand the community, the
better you can find your place in the cybersecurity ecosystem.
: