OSCP Preparation Roadmap: From Zero to Certified

Your Complete OSCP Journey

The Offensive Security Certified Professional (OSCP) is one of the most respected certifications in cybersecurity. This hands-on certification proves you can hack your way through real-world scenarios.

Prerequisites

Recommended Background:

6+ months Linux/Windows administration

Basic networking knowledge (TCP/IP, routing)

Scripting experience (Python, Bash, PowerShell)

Familiarity with security concepts

Before You Start:

Budget: $1,649 (90 days lab access + exam)

Time commitment: 300-500 hours study

Equipment: Dedicated PC with virtualization

Phase 1: Foundation Building (4-6 weeks)

Linux Mastery

Terminal fundamentals

File permissions and ownership

Process management

Shell scripting basics

Networking Deep Dive

OSI model understanding

TCP/IP stack internals

Common protocols (HTTP, SMB, FTP, SSH)

Wireshark packet analysis

Programming Skills

Python for automation

Bash scripting for enumeration

PowerShell for Windows attacks

Phase 2: Core Hacking Skills (8-10 weeks)

Enumeration

Master the art of information gathering:

**Port Scanning:** nmap, masscan, rustscan

**Service Enumeration:** banner grabbing, version detection

**Web Enumeration:** directory bruteforcing, subdomain discovery

**SMB Enumeration:** enum4linux, smbclient, smbmap

Exploitation

Learn to exploit common vulnerabilities:

Buffer Overflows:

Stack-based overflows

SEH (Structured Exception Handler)

Writing custom exploits

Shellcode development

Web Application Attacks:

SQL Injection

Cross-Site Scripting (XSS)

File inclusion (LFI/RFI)

Command injection

Privilege Escalation:

Linux:

SUID binaries

Kernel exploits

Cron jobs

NFS exports

Windows:

Unquoted service paths

DLL hijacking

Registry keys

Token impersonation

Phase 3: PWK Course (12 weeks)

Study Strategy

Week 1-2: PDF & Videos

Read entire PDF (853 pages)

Watch all video modules

Take detailed notes

Set up lab VPN

Week 3-6: Easy Machines

Start with easier boxes

Document every step

Build methodology

Create cheat sheets

Week 7-10: Medium/Hard Boxes

Tackle challenging machines

Practice pivoting

Network enumeration

Multi-stage attacks

Week 11-12: Exam Prep

Review weak areas

Practice buffer overflows daily

Time yourself on boxes

Organize notes

Lab Tips

**Don't Use Metasploit (Much)**

- Saves for exam (one use allowed)

- Learn manual exploitation

- Understand what exploits do

**Take Screenshots**

- Every step documented

- Proof screenshots (flag.txt + ipconfig/ifconfig)

- Build good habits for exam

**Make Notes**

- What worked, what didn't

- Commands that were useful

- Lessons learned

Phase 4: Practice Platforms

TryHackMe

Recommended Paths:

Offensive Pentesting

Red Team path

Buffer Overflow Prep room

Hack The Box

OSCP-Like Machines:

Lame, Legacy, Devel (Easy)

Optimum, Grandpa, Granny (Easy)

Sense, Solidstate (Medium)

Proving Grounds Practice

Best for OSCP Prep:

Official OffSec platform

Similar difficulty to exam

$19/month subscription

Exam Strategy

The 24-Hour Challenge

Exam Structure:

5 machines to compromise

24 hours for exploitation

24 hours for report writing

70 points needed to pass

Point Distribution:

2 machines: 25 points each (50 total)

2 machines: 20 points each (40 total)

1 machine: 10 points

Time Management

**Hour 0-2:** Enumeration

Scan all 5 targets

Identify easy wins

Plan attack order

**Hour 2-12:** Active Exploitation

Start with 25-point machines

Document everything

Take breaks every 2 hours

**Hour 12-18:** Persistence

Stuck? Move to different machine

Try different attack vectors

Review notes

**Hour 18-24:** Final Push

Focus on partial points

Clean up documentation

Prepare for report

Report Writing

Must Include:

Executive summary

Methodology

Detailed findings per machine

Screenshots with timestamps

Remediation recommendations

Tools Arsenal

Enumeration

**nmap:** Port scanning

**gobuster:** Directory bruteforcing

**nikto:** Web vulnerability scanning

**enum4linux:** SMB enumeration

Exploitation

**searchsploit:** Exploit database

**msfvenom:** Payload generation

**Burp Suite:** Web proxy

**sqlmap:** SQL injection

Privilege Escalation

**linpeas/winpeas:** Automated enumeration

**GTFOBins:** SUID exploitation

**PayloadsAllTheThings:** Technique database

Post-Exploitation

**chisel:** Tunneling and pivoting

**mimikatz:** Credential dumping (Windows)

**Impacket:** Network protocol attacks

Common Pitfalls to Avoid

**Relying on Metasploit**

- You only get one use on exam

- Learn manual exploitation

**Skipping Enumeration**

- "Try Harder" doesn't mean guess

- Enumerate thoroughly first

**Not Taking Breaks**

- Burnout is real

- Step away when stuck

**Poor Documentation**

- Document as you go

- Don't rely on memory

Post-Certification

Career Impact:

Average salary: $95,000-$130,000

Pentesting job openings

Red team positions

Security consulting

Next Steps:

OSWE (Web exploitation)

OSED (Exploit development)

OSEP (Evasion techniques)

Ready to start your OSCP journey? Contact us for mentorship and training resources.