The OSCP Page

Congratulations for deciding to try harder!

While there are no spoilers for the OSCP on this page, here is a small collection of resources that would be useful for pentesters, system administrators and OSCP candidates. If you are willing to try harder, go ahead and explore.


There are plenty of resources on the Internet. I trust your Googling skills are sufficient to enumerate resources; I do not need to re-invent the wheel. However, I would like to make some mention of what I think are important, and perhaps under-appreciated.

1. Nmap’s Scripting Engine: Many think of nmap as a port scanner. That is correct, but it is able to do far more. Its scripting engine is capable of picking up vulnerabilites, enumeration, and in some cases, even performing command execution!

2. Lab Environment: Many people I know who take the OSCP do take the labs as some sort of capture-the-flag. It isn’t all about proof.txt. It’s about trying as many different things you can think of, exploiting in as many different ways, and trying all sorts of ideas. Once the lab time expires, finding a lab environment as diverse, as rich will be difficult. Treasure the lab time to do things you would do in a network penetration test, such as pivoting! Some people use the lab environment to perform

3. Privilege Escalation: The OSCP discusses privilege escalation in brief. However, the subject of privilege escalation can easily span across so many different areas that one could write a book about all of that. Thankfully, there are some shorter basic guides for Linux and Windows that are “standard reference” for today’s pentesters. The subject of Windows privilege escalation is rich and diverse, far more than simply “getsystem”.

If you use Facebook, you can join a study group.

The Journey
Refer to the main blog. Parts one, two and three are linked for your reference.

Vulnerable Machines

Personally I have created some machines that are OSCP-like. They resemble the rough spirit of the OSCP, though in no way should they be treated as similar to any examination or lab machine.

I have currently 1 machine featured on Vulnhub, and I expect to write a few more. The hostnames for these machines are indicated, and a short sypnosis about these machines will be provided.

MERCY: This was a machine that was destined for a beginner CTF, until I realised it might not have been too prudent to introduce a few of those concepts in this machine for a beginner CTF. Try harder and root this box; this box was the very first box written, and was in dedication to passing the OSCP and those that were with me on the journey. If you must spoil yourself with a walkthrough, a friend has kindly helped make a video walkthrough here.

BRAVERY: currently awaiting appearance on Vulnhub. (This will be updated upon publication.)

DEVELOPMENT: currently awaiting appearance on Vulnhub. (This will be updated upon publication.)

JOY (working name): 15% done. A lot of testing needs to be done.

TORMENT: currently to be tested with some friends.

Simultaneously, I am also working with some friends who run Wizard-Labs, a penetration testing environment. If you want to find Windows boxes to practise on, you may be able to find some creations over here.