What is OSCP?
From Wikipedia:
Offensive Security Certified Professional (OSCP, also known as OffSec Certified Professional) is an ethical hacking certification offered by Offensive Security (or OffSec) that teaches penetration testing methodologies and the use of the tools included with the Kali Linux distribution (successor of BackTrack).
Why will you need a notes system?
You could be actively working as a penetration tester, or you could be preparing for a certification exam such as Offensive Security Certified Professional. In both cases, a set of notes kept in your own repository, where you can search for commands, concepts or use cases relevant to the task at hand, is essential for productive studying and working.
Who Are These Notes For?
- Cybersecurity students preparing for the Offensive Security Certified Professional certificate
- Professionals who are actively working in the field and need a set of ready and concise red team and penetration testing notes.
- Savvy learners who want to quickly master penetration testing without having to read hundreds of pages.
The OSCP Study Notes Catalog
These notes run to 1487 pages and will guide you through preparing for and passing the OSCP exam.
Table of contents:
– Information Gathering and Reconnaissance
– Network and Web Exploitation
– OS & Application Exploitation
– Databases Exploitation
– AntiVirus & IDS/IPS Evasion
– Password Cracking
– Reverse Shells
– The Metasploit Framework
– Windows Privilege Escalation
– Windows Active Directory Exploitation
– Linux Privilege Escalation
– Supplementary Materials
  - Windows System Administration
  - Linux System Administration
  - Database Administration
  - Regular Expressions
Page Count: 1487
Format: PDF
How to buy the book?
You can buy the booklet directly by clicking on the button below
After you buy the booklet, you will be able to download the PDF booklet along with the Markdown source files, in case you want to import them into Obsidian.
Understand the Exam Format and Requirements
Take a look here at the exam changes implemented in 2024.
Before you start preparing, familiarize yourself with the exam structure:
- Duration: 24 hours (plus an additional 24 hours to submit the report).
- Exam Structure:
  - You are provided access to a virtual network with several machines that need to be compromised.
  - Machines vary in difficulty and points, and you need 70 out of 100 points to pass.
- Scoring:
  - 3 stand-alone machines (60 points in total), 20 points per machine:
    - 10 points for initial access (local.txt)
    - 10 points for privilege escalation (proof.txt)
  - 1 Active Directory (AD) set containing 3 machines (40 points in total):
    - For the Active Directory exam set, learners are provided with a username and password, simulating a breach scenario.
    - 10 points for machine #1
    - 10 points for machine #2
    - 20 points for machine #3
- Possible scenarios to pass the exam (70/100 to pass):
  - 40 points AD + 3 local.txt flags (70 points)
  - 40 points AD + 2 local.txt flags + 1 proof.txt flag (70 points)
  - 20 points AD + 3 local.txt flags + 2 proof.txt flags (70 points)
  - 10 points AD + 3 fully completed stand-alone machines (70 points)
- Report Submission: You must submit a penetration testing report within 24 hours after the exam. The report must contain:
  - Steps taken to exploit the machines.
  - Screenshots as evidence of each step.
Create a Study Plan
The OSCP exam requires focused preparation, so create a structured study plan.
- Timeframe: Most candidates take 3 to 6 months to prepare thoroughly, though this depends on prior experience.
- Daily Commitment: Allocate at least 2-4 hours a day for studying, practicing, and working on labs.
- Weekend Focus: Dedicate weekends or longer study sessions to more in-depth penetration tests or practice exams, which simulate the actual OSCP environment.
Enroll in the PWK Course (Penetration Testing with Kali Linux)
Offensive Security offers a course called Penetration Testing with Kali Linux (PWK) that includes:
- A PDF guide with over 800 pages.
- Training videos covering key concepts.
- A lab environment with multiple machines that simulate real-world environments.
The PWK course is essential as it provides the foundational knowledge and practice labs you need for the exam. Here’s how to make the most out of it:
- Go through all the labs: The PWK labs contain various machines of different difficulty levels. Try to compromise as many machines as possible, focusing on learning both user and root access.
- Take Notes: As you go through the labs, take detailed notes about the techniques, commands, and exploits you use.
Sharpen Your Hacking Skills
The OSCP tests your practical hacking skills, so focus on building hands-on experience:
Key Skills to Master:
- Linux Basics: You should be very comfortable with Linux commands, file systems, and permission structures.
- Windows Privilege Escalation: Learn techniques to escalate privileges in Windows, including bypassing UAC, exploiting weak services, and abusing misconfigurations.
- Linux Privilege Escalation: Practice finding SUID binaries, misconfigurations, or kernel vulnerabilities to gain root access on Linux systems.
- Active Directory Exploitation: Familiarize yourself with basic Active Directory enumeration and exploitation techniques.
- Scripting: Learn how to automate tasks using Python, Bash, or PowerShell. These skills can help with reconnaissance and exploitation.
Practice with CTF Platforms
- Hack The Box (HTB): Offers a variety of machines with varying difficulty levels. Focus on those tagged with “OSCP-like” to simulate exam conditions.
- VulnHub: Hosts downloadable vulnerable machines that can be set up locally. Many machines are designed to mimic OSCP exam machines.
- TryHackMe: Provides guided walkthroughs and vulnerable machines to practice hacking techniques.
These platforms will help you build your skills and expose you to various real-world vulnerabilities.
Get Comfortable with the Tools
Familiarity with the tools in Kali Linux is essential for passing the OSCP. Here are the most commonly used tools:
- nmap: For port scanning and service discovery.
- netcat (nc): For reverse shells and simple server/client connections.
- Metasploit: Since Metasploit use is restricted in the exam (you may use it against only one machine), it is important to know how to exploit vulnerabilities manually.
- Gobuster / Dirbuster: For directory enumeration.
- Burp Suite: For web application attacks and exploiting vulnerabilities like SQL injection.
- John the Ripper / Hashcat: For password cracking.
- Nikto: For basic web vulnerability scanning.
Report Writing
The OSCP report is an essential component of the exam, and good reporting can make or break your result. To ensure you pass:
- Document Everything: During the exam, take screenshots and record every step you take to exploit machines, including commands and output.
- Write Clearly: Make your report concise but detailed. Focus on:
  - Steps to compromise the machine: From initial enumeration to privilege escalation.
  - Exploits used: Explain the vulnerabilities and provide proof.
  - Screenshots: Include screenshots as evidence for each step (e.g., access gained, flags retrieved).
Simulate the Exam Environment
About two weeks before the exam, simulate the exam conditions:
- 24-hour mock exam: Create a mock scenario where you attempt to root multiple machines within 24 hours and write the report within the next 24 hours.
- No external help: Stick to the tools, techniques, and methodology you’ve practiced. Avoid relying on hints, guides, or external assistance.
Time Management During the Exam
On exam day, managing time is critical:
- Start with Enumeration: Begin by scanning the network and enumerating open services for all machines. Use tools like nmap and Gobuster to gather information.
- Prioritize Machines: Go after machines that you find easier first. Don’t get stuck on any one machine for too long.
- Break the Exam into Chunks: Allocate specific times to work on each machine, and take breaks to avoid burnout.
What about the notes updates?
If you have been watching my YouTube channel, you will know that those who subscribe to the second tier of my channel membership instantly get access to a vast catalog of cybersecurity, penetration testing, digital marketing, system administration and data analytics notes for just $10, along with every notes update for as long as they remain subscribed. So what does that mean?
It means that if you want to stay up to date with changes and updates to the notes and get access to the other categories, I encourage you to join the second tier of the channel membership instead.
However, if you are fine with downloading the current version of this section of the notes, you can buy this booklet for a one-time payment instead.
Will the prices of this booklet change in the future?
Once another version of this booklet is released, which it will be, the price will change slightly, as the booklet will include more content, notes and illustrations.