OSCP Journey

My OSCP journey began in 2019. I was fortunate to have my employer at the time pay for the 3-month access pass for the PWK course. And I didn’t do squat with it… I let it expire, but fortunately I changed roles at that employer and had a new manager who offered to renew it for another 3 months. And still, I did nothing with it….

My 2nd PWK course expired right before the 2020 pandemic started. Incidentally, I started a new role at a new company literally the week the country shut down. I was also teaching during this time (a cybersecurity boot camp at UT Austin) and though my new job and teaching duties kept me busy, there was still some time to kill.

I setup some virtual happy hours during the first few months the country was shut down, and we often worked on some Hack the Box (HTB) machines during these meetings. I also found some time in the evenings to work on HTB machines, often found while Googling “OCP HTB labs” or similar machines. I tried to do one a week while I was teaching, but after that cohort finished I tried doing a machine every 1-2 days.

I approached the HTB machines by doing the walkthroughs. I focused on walkthroughs that did not utilize Metasploit, and even wrote a few myself and submitted them to Hack the Box (most of them are below). While either following walkthroughs, or writing my own, I started collecting notes on how to use tools, commands that might be frequently used, and getting familiar with the overall pentesting process.