Skip to content

OSCP- One Page Repository

Hello Everyone. This is the one page repository for OSCP learners.

1. Kali Linux Basic knowledge

2. Learn Basics Bash Scripting and Python Language

3. Recon: Learn about network reconnaissance

4. Vulnerable Machines

Now move to vulnerable machines. There are two main websites for practice on vulnerable machines.

Hackthebox machines and Vulnhub Machines. There are multiples infosec guys who has written blogs related to these machines for community. First thing you need to do, read blogs for 5 machine and try to understand the approach for start on these machines.

TjNull has shared a list which has OSCP related boxes.

Vulnhub List

Hackthebox List

5. Public Exploits

Most of the time in OSCP you will need to use a public exploit on your target to see if you can obtain a shell on it. With that exploit you may need to modify shellcode or even parts of the exploit to match with your system to obtain a connection from your target.

SearchSploit - Offline kali Database -

6. File Transfer

There are multiple ways to transfer the files from attacker system to target system.


  • VBS Script
  • SMB Server
  • HTTP Server
  • FTP Server
  • TFTP Server
  • Powershell
  • Debug.exe
  • Certutil


  • Python Server
  • Curl
  • Wget
  • Netcat
  • FTP
  • PHP
  • SCP - SSH

7. Privilege Escalation

  • For Practice on Local Machine:

  • Windows Privilege Escalation

  • Linux Privilege Escalation

8. Web App Vulnerabilities

  • Vulnerable Application for Practice:
  • Metasploitable 2
  • Multidae

9. Buffer Overflow

10 Pivoting & Port Forwarding

HTB Boxes to Prepare for OSCP (Youtube Playlist):

  • Windows Privilege Escalation
  • Winpeas
  • Powerup
  • Sharpup
  • Seatbelt
  • Windows Priv checker

  • Linux Privilege Escalation

  • Linux smart enumeration
  • Pspy64
  • Linpeas
  • Lpe
  • Linux Exploit Suggester
  • Beroot
  • Bashark
  • Linux priv checker
  • Password Cracking
  • Online Tools for Password Cracking:
  • Wordlists:
  • In Kali: /usr/share/wordlists
  • Seclists: apt-get install seclists You can find all of his password lists here:
  • Online Password Crackers: ​