OSCP Overview & Exam Strategy
Setting Up Your Practice Lab
A proper lab environment is essential for OSCP preparation. This lesson guides you through setting up your attack machine and practice targets.
Hardware Requirements
Minimum Specifications
| Component | Minimum | Recommended |
|---|---|---|
| RAM | 8 GB | 16+ GB |
| CPU | 4 cores | 8+ cores |
| Storage | 100 GB free | 250+ GB SSD |
| Network | Stable internet | Wired connection preferred |
Note: You'll be running virtual machines, so more RAM and CPU cores directly improve your experience.
Attack Machine: Kali Linux
Kali Linux is the standard for OSCP. OffSec provides it and the exam expects familiarity with it.
Installation Options
Option 1: Virtual Machine (Recommended for beginners)
├── Download: kali.org/get-kali (VM image)
├── VMware Workstation/Player or VirtualBox
├── Allocate: 4 GB RAM, 2 CPUs, 80 GB disk
└── Network: NAT or Bridged
Option 2: Bare Metal (For dedicated machines)
├── Download: kali.org/get-kali (installer)
├── Boot from USB
└── Full disk installation
Option 3: WSL2 (Windows Subsystem for Linux)
├── Windows 10/11 with WSL2 enabled
├── Install from Microsoft Store
└── Limited for some network tools
Post-Installation Setup
After installing Kali, run these commands:
# Update system
sudo apt update && sudo apt upgrade -y
# Install additional tools
sudo apt install -y \
seclists \
gobuster \
feroxbuster \
bloodhound \
neo4j \
crackmapexec \
evil-winrm \
chisel \
ligolo-ng
# Clone useful repositories
mkdir ~/tools && cd ~/tools
git clone https://github.com/carlospolop/PEASS-ng.git
git clone https://github.com/samratashok/nishang.git
git clone https://github.com/PowerShellMafia/PowerSploit.git
Virtualization Platform
VMware vs VirtualBox
| Feature | VMware | VirtualBox |
|---|---|---|
| Performance | Better | Good |
| Snapshots | Excellent | Good |
| Networking | More options | Basic |
| Cost | Player is free | Free |
| OSCP Labs | Recommended | Supported |
VMware Workstation Player is free for personal use and handles the PEN-200 VPN connection better.
Network Configuration
For lab practice, understand these network modes:
NAT (Network Address Translation):
├── VM shares host's IP
├── VM can access internet
├── Host cannot reach VM directly
└── Good for: Internet access, basic labs
Bridged:
├── VM gets own IP on network
├── VM appears as separate device
├── Other devices can reach VM
└── Good for: Network scanning practice
Host-Only:
├── VM can only talk to host
├── No internet access
├── Isolated environment
└── Good for: Offline labs (VulnHub)
Practice Target Platforms
PEN-200 Labs (Required)
When you purchase PEN-200, you get access to OffSec's lab network:
Lab Network Structure:
├── Student Network (starting point)
├── IT Department
├── Dev Department
├── Admin Department
└── Active Directory Environment
Access via:
└── OpenVPN connection (provided by OffSec)
Proving Grounds (Recommended)
OffSec's Proving Grounds offers OSCP-like machines:
| Tier | Cost | Machines | Difficulty |
|---|---|---|---|
| Play | Free | ~20 | Easy-Medium |
| Practice | $19/month | 60+ | Medium-Hard |
HackTheBox
| Tier | Cost | Access |
|---|---|---|
| Free | $0 | Active machines only |
| VIP | $14/month | All retired machines |
| VIP+ | $20/month | VIP + priority access |
For OSCP prep, VIP is recommended to access the TJ Null list machines.
Building Offline Labs
For practicing without internet, use VulnHub machines:
Local Lab Setup
1. Download VulnHub OVA files
└── vulnhub.com
2. Import into VMware/VirtualBox
3. Configure Network:
└── Set both Kali and target to Host-Only
4. Verify connectivity:
└── ping [target-ip] from Kali
Recommended Starter Machines
| Machine | Skills Practiced |
|---|---|
| Kioptrix 1-5 | Linux enumeration, exploitation |
| Mr. Robot | Web attacks, privilege escalation |
| DC 1-9 | Active Directory basics |
| Stapler | Comprehensive pentesting |
| SickOS 1-2 | Web apps, post-exploitation |
Tool Organization
Keep your tools organized for quick access during the exam:
~/tools/
├── enumeration/
│ ├── PEASS-ng/ # LinPEAS, WinPEAS
│ └── enum4linux-ng/
├── exploitation/
│ ├── windows/
│ │ └── PowerSploit/
│ └── linux/
│ └── linux-exploit-suggester/
├── shells/
│ ├── nishang/ # PowerShell shells
│ └── webshells/
├── wordlists/
│ └── -> /usr/share/seclists # Symlink
└── scripts/
└── custom/ # Your personal scripts
VPN Configuration
For PEN-200 labs and the exam, you'll connect via VPN:
# Connect to OffSec VPN
sudo openvpn your-lab.ovpn
# Verify connection
ip addr show tun0
# Test connectivity to lab
ping [lab-gateway-ip]
Exam Tip: Test your VPN connection and Kali setup multiple times before exam day. Technical issues during the exam consume precious time.
Snapshot Strategy
Take VM snapshots at key points:
Snapshot Timeline:
1. Fresh Install - After initial Kali setup
2. Tools Installed - After installing all tools
3. Configured - After customizing environment
4. Pre-Exam - Clean state before exam
This allows quick recovery if something breaks.
With your lab environment ready, let's move to information gathering techniques in the next module. :::