OSCP progress

This is my penetration testing study tracker for my OSCP exam planned for February 2022.


[COMPLETED] PEN-200 - Penetration Testing with Kali Linux materials

Status: Completed July 2021


[In progress] HackTheBox - Active Directory 101

Description: Active Directory exploitation labs, using HTB official walkthroughs.

Timeline: October 2021

Status

Machine Difficulty Platform Status Notes
Forest Easy Completed ASREPRoast, DCSync
Sauna Easy Completed ASREPRoast, DCSync
Active Easy Completed Groups.xml, Kerberoasting
Blackfield Hard Completed ASREPRoas, Dumping LSASS and NTDS.dit,Password spraying, SeBackup and SeRestore privilege abuse
Resolute Medium Completed Active Directory, LDAP anonymous bind, PowerShell Transcription logging, DnsAdmins privileged group abuse
Reel Hard Completed Active Directory, Service misconfiguration (FTP, SMTP), Client-side attacks (Office), Permissions abuse, sensitive information leak
Sizzle Insane    
Mantis Hard    
Cascade Medium Completed Active Directory, LDAP Enumeration, SQLite databases, RE .NET Assemblies, TightVNC Password Extraction, AES Encryption, AD Recycle Bin
Multimaster Insane    

[In progress] HackTheBox - OSCP-like machines

Description: Here is the status of my progress in completing the OSCP-like machines (new list) from @TJ_Null.

Timeline: October 2021 - December 2021

Status

Machine Difficulty Platform Status Notes
Lame Easy Completed  
Shocker Easy Completed  
Bashed Easy Completed  
Nibbles Easy Completed  
Beep Easy Completed  
Sense Easy    
Valentine Easy Completed  
Sunday Easy    
Irked Easy Completed  
Friendzone Easy Completed  
Legacy Easy Completed  
Blue Easy Completed  
Devel Easy    
Optimum Easy    
Granny Easy    
Arctic Easy    
Grandpa Easy    
Bounty Easy    
Jerry Easy Completed  
Cronos Medium Completed  
Niniveh Medium Completed  
SolidState Medium Completed See my writeup
Node Medium    
Poison Medium    
Tartarsauce Medium    
Silo Medium    
Bastard Medium    
Kotarak Hard    
Conceal Hard    
Brainfuck Insane    
Additional machines        
Netmon Easy Completed  
Active Easy    
LaCasaDePapel Easy    
Jeeves Medium    
Bart Medium    
Devoops Medium    
Hawk Medium    
Lightweight Medium    
Tally Hard    
Falafel Hard    
Jail Insane    

[Planned] Buffer Overflows

Timeline: November 2021 - December 2021

[TBD]


[Planned] PEN-200 - Penetration Testing with Kali Linux Labs

Description: Below is my progress on the PWK Labs. Of course, only machines published in the PEN-200 Labs Learning Path will be named.

Timeline: Resume on January 2022

Status

Machine Platform Status
Alpha Completed
Beta Completed
Alice Completed
Disco Completed
Susie [TBD] In Progress
Hotline [TBD] Not Started
Chris [TBD] Not Started
Mailman [TBD] Not Started
XOR-APP59 [TBD] Not Started
Sean [TBD] Not Started
Bethany [TBD] Not Started
[redacted] In Progress
[redacted] Completed
[redacted] In Progress
[redacted] Not Started
[redacted] Not Started
[redacted] Not Started
[TBD]    

[good-to-have] HackTheBox - Dante Pro Lab

Description

Dante is a modern and beginner-friendly Pro Lab that provides the opportunity to learn common penetration testing methodologies and gain familiarity with tools included in the Parrot OS Linux distribution.

Timeline: December 2021

Status

Machine Platform Status
DANTE-FW01    
DANTE-ADMIN-DC02    
DANTE-ADMIN-NIX05    
DANTE-ADMIN-NIX06    
DANTE-DC01    
DANTE-NIX02    
DANTE-NIX03    
DANTE-NIX04    
DANTE-NIX07    
DANTE-SQL01    
DANTE-WS01    
DANTE-WS02    
DANTE-WS03    
DANTE-WEB-NIX01