# OSCP

## Overview

The **Offensive Security Certified Professional (OSCP)** is a well-respected and challenging certification offered by Offensive Security. It validates a candidate's ability to perform penetration tests in real-world scenarios through a fully hands-on exam. The OSCP is widely recognized in the industry as a benchmark for practical offensive security skills.

***

## Certification Details

* **Issuing Organization**: Offensive Security
* **Difficulty Level**: Intermediate to Advanced
* **Exam Format**: 24-hour hands-on practical exam + 24 hours for report submission
* **Exam Environment**: VPN-based isolated lab with multiple machines and networks
* **Exam Requirements**: Minimum 70 points out of 100 (including a full report)
* **Prerequisites**: Strong foundation in networking, Linux/Windows systems, and basic scripting
* **Validity**: Lifetime certification

***

## Skills Validated

The OSCP certifies the ability to perform the following:

### Penetration Testing Methodology

* Information gathering
* Enumeration and service analysis
* Attack surface mapping

### Exploitation

* Manual and automated exploitation of vulnerabilities
* Buffer overflow exploitation (custom 32-bit Windows BOF)
* Privilege escalation in Linux and Windows environments
* Client-side attacks and file transfer techniques

### Post-Exploitation

* Lateral movement
* Pivoting and tunneling using tools like SSH, ProxyChains, or Chisel
* Cleanup and operational security

### Scripting and Tooling

* Bash and Python scripting for automation
* Custom payload crafting
* Use of standard tools like Nmap, Netcat, Metasploit (limited), and CrackMapExec

### Reporting

* Clear, structured documentation of findings
* Full walkthroughs for each compromised machine
* Proof of exploitation and remediation recommendations

***

## Preparation Resources

### Official

* [OffSec PEN-200 Course (PWK: Penetration Testing with Kali)](https://www.offensive-security.com/pwk-oscp/)
* PWK Lab Machines and Exercises
* OS-Check tool for exam readiness
* OffSec forums and Discord

### Community & Practice Platforms

* Hack The Box (TJNull’s OSCP-like list)
* TryHackMe: "Offensive Pentesting", "Buffer Overflow Prep"
* Proving Grounds (Play & Practice)
* VulnHub: Machines like Brainpan, Mr. Robot, Beelzebub
* PortSwigger Web Security Academy

***

## Exam Tips

* **Enumeration is key**: Thorough recon often reveals the attack path.
* **Time Management**: Plan your 24 hours; avoid rabbit holes.
* **Stick to the Methodology**: Follow the OffSec-provided approach.
* **Documentation**: Take screenshots, note commands, and generate the report in real time.
* **Don't panic**: Stay calm and structured — persistence wins.

***

## Career Benefits

The OSCP provides major advantages in the cybersecurity field:

* Recognized proof of real-world offensive skills
* Boosts employability for roles like Pentester, Red Team Operator, Security Consultant
* Strong addition to resumes, especially for consulting firms and MSSPs
* Opens doors for further certs (OSWA, OSEP, OSED, etc.)
* Builds confidence in ethical hacking methodologies and tools

***

## My Certification Journey

*This section will be updated after completing the certification.*

* **Start Date**: \[Insert Date]
* **Goal Exam Date**: \[Insert Date]
* **Status**: 📘 Studying PWK | 🔬 Lab Practice | 📝 Report Practice

***

## Study Plan

* ✅ Complete all PWK modules and exercises
* 🔄 Root at least 40 PWK lab machines
* 🔁 Weekly HTB machines from OSCP-like list
* 🧠 Daily Buffer Overflow practice
* 📑 Develop and refine reporting template
* 📅 Simulate 24h mock exams at least twice
* 🛠 Improve scripting skills (Bash, Python)
* 🔒 Review OpSec and cleanup techniques

***

## Tools & Scripts

* Nmap, Gobuster, Feroxbuster
* LinPEAS / WinPEAS
* Chisel, ProxyChains, Impacket
* CrackMapExec, BloodHound, Evil-WinRM
* Custom Python and Bash enumeration scripts

***

## Notes

* Avoid overusing Metasploit — limit to one machine during the exam
* Use `keepnote`, `CherryTree`, or Obsidian to organize documentation
* Always validate proof.txt flags and take screenshots
* Read and follow the [Exam Guide](https://help.offensive-security.com/hc/en-us/articles/360049796972-OSCP-Exam-Guide) closely
* Respect OffSec’s code of conduct and exam rules

