The Penetration testing with Kali Linux courseware contains a PDF file and instruction videos on all subjects. The course covers many different subjects such as passive and active information gathering with many different tools but also writing simple buffer overflows exploits for Windows and Linux and privilege escalation techniques for both operating system. You will also learn about exploiting web applications, perform password attacks, tunnelling and how to use Metasploit. The full course syllabus is available here:
It is helpful if you have prior knowledge of networking basics, scripting/coding and maybe some hacking and enumeration techniques in general when you start the course. Every subject is explained very well in the courseware and starts from basic. However, you really need to learn a lot during this course in a very limited timeframe. Especially when you do this course beside a full time job like most of us. Any prior knowledge will speed up the learning, lower the learning curve and save you some time.
Tips for the OSCP courseware
- Follow the courseware first and then start practicing in the labs.
- Use additional sources to learn more. A list of great online and offline sources is at the bottom of this article.
- Join the offensive security PWK forums and social media and talk to other people. You can learn a lot from other people too, especially when you have little or no practical experience on the subject. InfoSec is often a passion and a way of living so people are often quite nice and willing to share information and educate people who share the same passion (read last paragraph for what questions to ask and what not).
The best part of the learning path to OSCP certification are the labs. The OSCP labs contain several networks with over 50 servers to practice your ethical hacking skills on. The operating systems on these hosts vary from Windows XP, Windows 2008 server and Windows 7 to different Linux/Unix based operating systems such as Debian, Ubuntu, CentOS, FreeBSD, Fedora and more. Some operating systems are old (there’s even a Windows 2000 server) and some are very recent like Windows 8.1 The lab also contains several clients performing automated tasks which can be targeted to learn about client side exploitation.
The main goal for each machine is to get a shell on the machine with administrator privileges and collect the contents of a proof.txt file on the Desktop. Some machines contain a networksecret.txt file besides the proof file. These machines are configured with a second network adapter which allows you to use the machine as a pivot point and access an otherwise unavailable network. The contents of the network secret files allows you to revert machines in other subnets from the student panel. The OSCP student panel is accessible through the VPN connection and is an interface to revert machines, use Offensive Security’s Crackpot and to (re)schedule your exam.