| A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z | |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | LainKusanagi list of OSCP like machines | |||||||||||||||||||||||||
2 | >Whoami | >What is this list for | ||||||||||||||||||||||||
3 | -Before and while doing PEN 200 course and after failing my first attempt I completed multiple machines in multiple hacking platforms. -I did all the PEN 200 course along with all the challenge labs that where introduced in the 2023 version of the PEN 200 (including the challenge lab network other people skip). -I failed my first attempt with 60 points and then passed my second attempt with 90 points. I experienced completely different exam sets in each attempt. -I also did the challenge labs added on October 2024 before my learn one subscription ended. -All of this experience gave me a good sense of what is OffSec style of boxes and what is important to know in the exam Have feedback or suggestions? Let me know here: https://x.com/unknownseeker99 https://www.reddit.com/user/JosefumiKafka/ https://www.linkedin.com/in/luis-moret-4a42ab246/ | -This is a list of machines I consider good for practice before doing the PEN 200 course, challenge labs and OSCP exam however this is not a replacement for the actual course and I recommend you to go through all of the course, exercises and challenges before attempting the exam. -The machines in this list where selected because either they teach important techniques and concepts found in the course and labs, have similar style to machines made by offsec or where in a way crucial to helping me develop my methodology and help me pass my exam. -This list overlaps a lot with the famous TJ Null list however it also filters out boxes that may be too outside of the scope of the PEN 200 and OSCP exam and includes boxes from other hacking platforms such as Tryhackme and VirtualHackingLabs, still I added some boxes in this list that may have elements harder than OSCP but I believe are worth doing as they may have some other aspect that is crucial to know and practice Support me: https://buymeacoffee.com/lainkusanagi | ||||||||||||||||||||||||
4 | Useful forks made by the community (I do not maintain these forks so they may not reflect latest changes): -List with difficulty ratings made by Jubba402 https://docs.google.com/spreadsheets/d/13YoNQuY6HC5ot-lZiX2tY9pR5mvwnp3xV6lHs78DlqQ/ -Study tracker combining this list and TJ Null list with difficulty ratings made by Obeyeater https://docs.google.com/spreadsheets/d/1nzEN0G6GzneWCfs6qte6Qqv-i8cV_j6po-tFlZAOx1k/ | |||||||||||||||||||||||||
5 | Hackthebox | Tryhackme | ||||||||||||||||||||||||
6 | Start learning to Try harder here. Don’t fully skip hackthebox some boxes have important concepts that are rare even in PG practice like SNMP and Keepass also AD ones are pretty good practice even if harder than OSCP in some ways. At the very least watch ippsec videos and take notes | More guided and friendly approach for some rooms but still great boxes and rooms for prep. Active Directory ones here are very good practice for the OSCP. | ||||||||||||||||||||||||
7 | Linux | Windows | Active Directory and Networks | Linux | Windows | Active Directory and Networks | Other recommended rooms | |||||||||||||||||||
8 | Sea | Markup | Active | Mr Robot | Steel Mountain | Attacktive Directory | SQL Injection Lab | |||||||||||||||||||
9 | Nibbles | Jerry | Forest | Thompson | Year of the Owl | Attacking Kerberos | Linux Privilege Escalation | |||||||||||||||||||
10 | Solidstate | Netmon | Sauna | Kenobi | Retro | Wreath Network | Windows Privilege Escalation | |||||||||||||||||||
11 | Poison | Servmon | Monteverde | GameZone | Alfred | Reset | Git Happens | |||||||||||||||||||
12 | Editor | Chatterbox | Timelapse | Skynet | Relevant | Vulnnet: Active | NahamStore | |||||||||||||||||||
13 | Sunday | Jeeves | Flight | Daily bugle | Blueprint | Enterprise | ||||||||||||||||||||
14 | Keeper | Sniper | Return | Lazy admin | Hackpark | Ledger | ||||||||||||||||||||
15 | Pilgrimage | Querier | Blackfield | Tomghost | Weasel | Recommended paths | ||||||||||||||||||||
16 | Cozyhosting | Giddy | Cicada | Rootme | AllSignsPoint2Pwnage | Assumed Breach Scenarios: | Cyber Security 101 | |||||||||||||||||||
17 | Codify | Bounty | Escape | CMesS | Anthem | Corp | Jr Penetration Tester | |||||||||||||||||||
18 | Tartarsauce | Artic | TheFrizz (harder) | Ultratech | Hack Smarter Security (harder) | Lateral Movement and Pivoting | Offensive Pentesting | |||||||||||||||||||
19 | Jarvis | Remote | Internal | Cyberlens | Exploiting Active Directory | |||||||||||||||||||||
20 | Tabby | Buff | Assumed Breach Scenarios: | Zeno | ||||||||||||||||||||||
21 | Usage | Love | Administrator | Boiler CTF | ||||||||||||||||||||||
22 | Mentor | Secnotes | EscapeTwo | Wonderland | ||||||||||||||||||||||
23 | Devvortex | Access | Certified (harder) | Silver Platter | ||||||||||||||||||||||
24 | Irked | Mailing | Puppy (harder) | Year of the Jellyfish | ||||||||||||||||||||||
25 | Popcorn | Heist | ||||||||||||||||||||||||
26 | Bashed | ProLabs: | Update: | |||||||||||||||||||||||
27 | Broker | Dante | 8/2/2025 Editor will replace Knife in htb list | |||||||||||||||||||||||
28 | Analytics | Zephyr (harder) | 9/7/2025 Added BuildingMagic to HackSmarter (new platform) list | |||||||||||||||||||||||
29 | Networked | 9/12/2025 Added ShareThePain to HackSmarter list | ||||||||||||||||||||||||
30 | UpDown | 9/19/2025 Added PivotSmarter and BankSmarter to HackSmarter list | ||||||||||||||||||||||||
31 | Swagshop | AWS (Not in the exam) | 9/26/2025 Added Ascension and Arasaka to HackSmarter list | |||||||||||||||||||||||
32 | Nineveh | Epsilon | ||||||||||||||||||||||||
33 | Pandora | Gobox | ||||||||||||||||||||||||
34 | OpenAdmin | Bucket | ||||||||||||||||||||||||
35 | Precious | |||||||||||||||||||||||||
36 | Busqueda | |||||||||||||||||||||||||
37 | Monitored | |||||||||||||||||||||||||
38 | BoardLight | |||||||||||||||||||||||||
39 | Magic | |||||||||||||||||||||||||
40 | Help | |||||||||||||||||||||||||
41 | Editorial | |||||||||||||||||||||||||
42 | Builder | |||||||||||||||||||||||||
43 | Linkvortex | |||||||||||||||||||||||||
44 | UnderPass | |||||||||||||||||||||||||
45 | Dog | |||||||||||||||||||||||||
46 | ||||||||||||||||||||||||||
47 | Proving Grounds Practice | Virtual Hacking Labs | ||||||||||||||||||||||||
48 | The real OSCP like boxes, this is just a list with the ones that are best practice and removing the overly complicated ones that are too out of scope and those that were boxes meant to be mostly for OSEP and OSED (example Kyoto and Nara) that were in TJNull list plus adding some new ones | Very under rated platform with very OSCP like machines, people that have used it really recommend it for OSCP including me. It has been very crucial help for those that have failed attempts to be able to pass and they are good practice for standalones. | ||||||||||||||||||||||||
49 | Linux | Windows | Active Directory and Networks | Linux | Windows | |||||||||||||||||||||
50 | ClamAV | Kevin | Access | Techblog | Steven | |||||||||||||||||||||
51 | Pelican | Internal | Resourced | Backupadmin V2 | Aaron | |||||||||||||||||||||
52 | Payday | Algernon | Nagoya | Web01-Dev V2 | Anthony | |||||||||||||||||||||
53 | Snookums | Jacko | Hokkaido | Web01-Prd V2 | Jennifer | |||||||||||||||||||||
54 | Bratarina | Craft | Hutch | Forum | WinAS01 | |||||||||||||||||||||
55 | Pebbles | Squid | Vault | Quick | AS45 | |||||||||||||||||||||
56 | Nibbles | Nickel | Tiki | Trace | ||||||||||||||||||||||
57 | Hetemit | MedJed | Treat it like a small network | Helpdesk V2 | React | |||||||||||||||||||||
58 | ZenPhoto | Billyboss | SkillForge (Linux) | VPS1723 V2 | ||||||||||||||||||||||
59 | Nukem | Shenzi | CMS02 V2 | |||||||||||||||||||||||
60 | Cockpit | AuthBy | Records | |||||||||||||||||||||||
61 | Clue | Slort | Trails | |||||||||||||||||||||||
62 | Extplorer | Hepet | Dolphin V2 | |||||||||||||||||||||||
63 | Postfish | DVR4 | Crash | |||||||||||||||||||||||
64 | Hawat | Mice | AWS (Not in the exam) | Natural | ||||||||||||||||||||||
65 | Walla | Monster | Pathway | Mantis | ||||||||||||||||||||||
66 | PC | Fish | Fed V2 | |||||||||||||||||||||||
67 | Apex | CMS01 | ||||||||||||||||||||||||
68 | Sorcerer | Tracking | ||||||||||||||||||||||||
69 | Sybaris | JS01 | ||||||||||||||||||||||||
70 | Peppo | PBX | ||||||||||||||||||||||||
71 | Hunit | Code V2 | ||||||||||||||||||||||||
72 | Readys | Teamspeak | ||||||||||||||||||||||||
73 | Astronaut | CMS101 | ||||||||||||||||||||||||
74 | Bullybox | FW01 | ||||||||||||||||||||||||
75 | Marketing | Core | ||||||||||||||||||||||||
76 | Exfiltrated | Websrv01 | ||||||||||||||||||||||||
77 | Fanatastic | Mon02 | ||||||||||||||||||||||||
78 | QuackerJack | Graphs01 | ||||||||||||||||||||||||
79 | Wombo | PM V2 | ||||||||||||||||||||||||
80 | Flu | Tracker | ||||||||||||||||||||||||
81 | Roquefort | |||||||||||||||||||||||||
82 | Levram | |||||||||||||||||||||||||
83 | Mzeeav | |||||||||||||||||||||||||
84 | LaVita | |||||||||||||||||||||||||
85 | Xposedapi | |||||||||||||||||||||||||
86 | Zipper | |||||||||||||||||||||||||
87 | Workaholic | |||||||||||||||||||||||||
88 | Fired | |||||||||||||||||||||||||
89 | Scrutiny | |||||||||||||||||||||||||
90 | SPX | |||||||||||||||||||||||||
91 | Vmdak | |||||||||||||||||||||||||
92 | Mantis | |||||||||||||||||||||||||
93 | BitForge | |||||||||||||||||||||||||
94 | WallpaperHub | |||||||||||||||||||||||||
95 | Zab | |||||||||||||||||||||||||
96 | SpiderSociety | |||||||||||||||||||||||||
97 | ||||||||||||||||||||||||||
98 | HackSmarter | VulnLab / Hackthebox | ||||||||||||||||||||||||
99 | New platform made by the Hack Smarter community | VunLab is an amazing platform focused on red teaming, the platform recently joined hackthebox and vulnlab boxes will become available in hackthebox. For simplicity sake VulnLab and Hackthebox will keep being separate lists | ||||||||||||||||||||||||
100 | Linux | Windows | Active Directory and Networks | Linux | Windows | Active Directory and Networks | ||||||||||||||||||||