A road map for people who are just getting started in OSCP and want to succeed.

The OSCP certification is well-known in the cybersecurity industry and is still considered the peak of such qualifications. Their labs are extraordinarily well-designed and supported by 24-hour forums. The exam places a premium on time management, stress management, and the 'Try Harder' mentality. It should be noted that genuine OSCP exams have unique labs and objectives for each test, and beware of fake leaks or dumps.

Foundational Knowledge:

Begin by enhancing your fundamental skills in the following areas:

- Networking: Focus on topics such as IP, TCP, UDP, HTTP, HTTPS, DNS, DHCP, and ARP.

- TryHackMe: Obtain a monthly subscription and complete the paths "Introduction to Cybersecurity," "Complete Beginner," "Web Fundamentals," "Pre Security," and "Cyber Defence" to gain practical experience.

- Linux: Utilize resources like overthewire.org to enhance your practical knowledge. Complete at least 20 levels on OverTheWire and take the Linux 101 course on TCM Academy and the Linux Fundamentals series on TryHackMe.

- Windows: Familiarize yourself with registry hives, directory structures, the difference between x32 and x64 bit systems, command prompt, and PowerShell. Complete relevant rooms on TryHackMe to gain hands-on experience.

- Scripting Languages: Gain familiarity with code reading, debugging, writing, and scripting for automation. Focus on Python and Rust. TCM Academy offers excellent courses on Python101 and Rust101.

- Web Development Languages: Learn HTML, CSS, JS, and SQL since web application pentesting involves understanding and exploiting website code. FreeCodeCamp and PortSwigger provide comprehensive learning resources.

By preparing these fundamentals, you should be able to build a solid foundation in about a month.

Intermediate Level:

Now, let's focus on more advanced technologies and tools to further enhance your skills:

- Active Directory: Master Active Directory, as it is crucial not only for the exam but also for real-life corporate jobs. TryHackMe offers excellent paths on Active Directory.

- PortSwigger: Explore PortSwigger's web application penetration testing resources, which provide both theoretical knowledge and practical exercises. Complete as many rooms as possible to gain a solid understanding.

- TCM-PEH Course: Enroll in the Practical Ethical Hacking course by TCM Academy, which covers all aspects of penetration testing and prepares you for the OSCP exam. The course also includes Active Directory practicals.

- TryHackMe and HackTheBox: Engage in individual boxes on TryHackMe and gradually move

Advanced Level:

• Register for the OSCP Exam and complete all of your topics exercises first.

• Begin working on 'Hard' rooms in TryHackMe and HTB.

• Proving Grounds: These machines are identical to the ones you'll see on your exam. The method and technique utilized in the PG machines are the same as those expected in the OSCP test. Completing about 50 PG machines [Play+Practice].

Wishing you the best of luck in your OSCP journey.

Resources

Support us on social media