It’s been 14th day since I started to study for Offensive Security Certified Professional (OSCP) certification. People say that OSCP is not for beginners, yeah, I say the same too. The path to OSCP is like an upside down and you are a lone explorer in the world full of unexplored areas.
When I say unexplored, it is like a parallel world that exists on our world. What I mean to this, is you just don’t randomly discuss Privilege Escalation or Reverse Shell exploitation with your wife or with your non-IT friends. They’ll just tell your screws must be loosen.
Luckily, over my past few experiences, I already got some small head start for my journey. I already got CCNA for networking, and some low level programming (ASM) (thanks to https://www.unknowncheats.me/forum/index.php). I still have a lot of work to do as this is only just a small head start and not the full context.
I can describe my head start as Information scattered all over and just waiting them to be connected to become Knowledge.
Now, if you are truly zero knowledge with OSCP topics. I don’t recommend taking it unless you are really determined and fully committed to it. It is really really really frustrating especially when seeing ridiculously mind blowing numbers and alphabets popping-off your screen.
The above screenshot is a windows debugger used to debug applications. It is usually used as stack analyzer for buffer overflow exploitation. But that’s not all, it can do a really lot of things. Quite overwhelming right? But hey, just like I said, with proper planning, we can achieve OSCP too.
My Roadmap
My roadmap is simple. I first gathered some materials to watch/review/memorize and try. Luckily, I found a website that offers exact content from OffSec: https://pwk.hide01.ir, yup, FREE! without paying. Now, as advised by a lot of people who took OSCP too, you might wanna try subscribing to HackTheBox VIP (15$) & Offsec Proving Grounds (20$) subscription first after/during studying for hands-on experience.
Next thing, when I feel I am confident with the tools and get to pawned a lot of machines, I will now start to subscribe to PEN-200. I just did get a local copy of exact course content first so I can study what I will face during the course proper. Also, I don’t want to start my lab subscription when I don’t even know what’s inside the course. In short, I just did some fail safe option than losing a lot of money for subscription if I didn’t finish the course on-time.
In the end, you are still forced to subscribe to PEN-200 subscription because they don’t offer an Exam Only option.
I know my journey is still long. I will constantly make writeups here in my blog during my journey towards OSCP.
Thanks for reading! More updates soon! ?