OSCP How to Know When You’re Ready to Take the Exam
Easter Eggs in this post! 🥚
If you've taken the red pill and decided to begin your journey towards the OSCP certification you will likely come to a point where you begin to wonder if you are ready to take/passthe exam. This article will serve as a guide in helping you determine just that. Let's begin!
TLDR’ers Start Here ⤵
- You've have most of the public network rooted:
- If you have about 60% of the public network rooted I would say that is a good time to start thinking about taking the exam. This is especially true if you have one or two of the "mammoths" rooted such as pain, gh0st, or humble/sufferance. Of course I can't say whether or not you will pass with that level of progress in the labs, however, I do think you have a good fighting chance at 60%.
- If you have about 60% of the public network rooted I would say that is a good time to start thinking about taking the exam. This is especially true if you have one or two of the "mammoths" rooted such as pain, gh0st, or humble/sufferance. Of course I can't say whether or not you will pass with that level of progress in the labs, however, I do think you have a good fighting chance at 60%.
- You HAVEN'T been using Metasploit:
- If you have achieved the first list item without the use of that nasty Metasploit (lol, I promise I don't hate Metasploit 😅) then you should be proficient enough at identifying & exploiting vulnerabilities come exam time.
- If you have achieved the first list item without the use of that nasty Metasploit (lol, I promise I don't hate Metasploit 😅) then you should be proficient enough at identifying & exploiting vulnerabilities come exam time.
- The course materials become review material rater than new information
- If you find yourself pwning boxes in the labs without ever needing to look at the course materials or you find yourself only referring to the PDF for syntax reasons, this is also a good indicator that you have mastered the techniques necessary to pass the exam.
- If you find yourself pwning boxes in the labs without ever needing to look at the course materials or you find yourself only referring to the PDF for syntax reasons, this is also a good indicator that you have mastered the techniques necessary to pass the exam.
- When you have a comprehensive and routine methodology:
- New box? Time to: Nmap ➡ Nikto ➡ Dirb ➡ Enumerate Services ➡ Open site in browser ➡ ...Wash, rinse, repeat
- Once you have developed a solid workflow that you are comfortable with, this too, is an indicator that you are ready to pass the exam.
- You are comfortable with the buffer overflow process:
- A basic buffer overflow in which you are given a proof of concept should only take you about 30-45 minutes to complete.
- For this too, list item 4 still applies. Doing them should be simply walking through steps one by one.
- (Not disclosing if BOF will be on the exam but....enumerate!!)
- You have an exam strategy! VERY IMPORTANT 😲😲
- You need 70 points to pass the exam. Hear me closely: I am not allowed to tell you the values of the machines that are allocated to each system on the exam, however, with a little bit of enumeration that information can be discovered quite easily unfortunately (it is privileged information).
- Do some math and figure out what you need to do in order to get a passing grade. I repeat: Use math to figure out what you need to do to get a passing grade and do that come exam time! 😉
TLDR’ers End Here ⤴
Keep coming back!
That's all I have at the moment! ❤ THANK YOU FOR THE GREAT FEEDBACK!❤ I decided to start this blog after getting such a great response! If you like my content be sure to come back regularly! I will be adding more and more as time progresses. While you're here check out some wallpapers and other stuff.
Read other posts