| A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z | |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | LainKusanagi list of OSCP like machines | |||||||||||||||||||||||||
2 | >Whoami | >What is this list for | ||||||||||||||||||||||||
3 | -Before and while doing PEN 200 course and after failing my first attempt I completed multiple machines in multiple hacking platforms. -I did all the PEN 200 course along with all the challenge labs that where introduced in the 2023 version of the PEN 200 (including the challenge lab network other people skip). -I failed my first attempt with 60 points and then passed my second attempt with 90 points. I experienced completely different exam sets in each attempt. -I also did the challenge labs added on October 2024 before my learn one subscription ended. -All of this experience gave me a good sense of what is OffSec style of boxes and what is important to know in the exam Have feedback or suggestions? Let me know here: https://x.com/unknownseeker99 https://www.reddit.com/user/JosefumiKafka/ https://www.linkedin.com/in/luis-moret-4a42ab246/ | -This is a list of machines I consider good for practice before doing the PEN 200 course, challenge labs and OSCP exam however this is not a replacement for the actual course and I recommend you to go through all of the course, exercises and challenges before attempting the exam. -The machines in this list where selected because either they teach important techniques and concepts found in the course and labs, have similar style to machines made by offsec or where in a way crucial to helping me develop my methodology and help me pass my exam. -This list overlaps a lot with the famous TJ Null list however it also filters out boxes that may be too outside of the scope of the PEN 200 and OSCP exam and includes boxes from other hacking platforms such as HackSmarter and VirtualHackingLabs, still I added some boxes in this list that may have elements harder than OSCP but I believe are worth doing as they may have some other aspect that is crucial to know and practice Support me: https://buymeacoffee.com/lainkusanagi | ||||||||||||||||||||||||
4 | >Useful forks made by the community (I do not maintain these forks so they may not reflect latest changes): -List with difficulty ratings made by Jubba402 https://docs.google.com/spreadsheets/d/13YoNQuY6HC5ot-lZiX2tY9pR5mvwnp3xV6lHs78DlqQ/ -Study tracker combining this list and TJ Null list with difficulty ratings made by Obeyeater https://docs.google.com/spreadsheets/d/1nzEN0G6GzneWCfs6qte6Qqv-i8cV_j6po-tFlZAOx1k/ >Other useful resources for practice and study: Hacker Blueprint OSCP Practice labs https://www.youtube.com/playlist?list=PLM1644RoigJvm0L7RcK-64aVTp1vZkDv5 Derron C OSCP Practice labs https://www.youtube.com/playlist?list=PLT08J44ErMmb9qaEeTYl5diQW6jWVHCR2 | |||||||||||||||||||||||||
5 | ||||||||||||||||||||||||||
6 | OSCP-LK Practice Exam: https://buymeacoffee.com/lainkusanagi/e/542033 | |||||||||||||||||||||||||
7 | ||||||||||||||||||||||||||
8 | Hackthebox | HackSmarter | ||||||||||||||||||||||||
9 | Start learning to Try harder here. Don’t fully skip hackthebox some boxes have important concepts that are rare even in PG practice like SNMP and Keepass also AD ones are pretty good practice even if harder than OSCP in some ways. At the very least watch ippsec videos and take notes | New platform made by the Hack Smarter community | ||||||||||||||||||||||||
10 | Linux | Windows | Active Directory and Networks | Linux | Windows | Active Directory and Networks | ||||||||||||||||||||
11 | Sea | Markup | Active | BankSmarter | Slayer | ShareThePain | ||||||||||||||||||||
12 | Nibbles | Jerry | Forest | Ascension | Sysco | |||||||||||||||||||||
13 | Solidstate | Netmon | Sauna | Talisman | StellarComms | |||||||||||||||||||||
14 | Poison | Servmon | Flight | Verbose (harder) | MartiniAD | |||||||||||||||||||||
15 | Editor | Chatterbox | Return | Exception | ||||||||||||||||||||||
16 | Sunday | Jeeves | Blackfield | Samurai | ||||||||||||||||||||||
17 | Keeper | Sniper | Cicada | Assumed Breach Scenarios: | ||||||||||||||||||||||
18 | Pilgrimage | Querier | TheFrizz (harder) | Building Magic | ||||||||||||||||||||||
19 | Cozyhosting | Giddy | PivotSmarter (small network) | |||||||||||||||||||||||
20 | Codify | Bounty | Assumed Breach Scenarios: | |||||||||||||||||||||||
21 | Tartarsauce | Artic | Administrator | |||||||||||||||||||||||
22 | Jarvis | Remote | Networks: | |||||||||||||||||||||||
23 | Tabby | Buff | Odyssey (harder but good practice) | |||||||||||||||||||||||
24 | Usage | Love | ||||||||||||||||||||||||
25 | Mentor | Secnotes | Priv Esc not in scope but good practice: | Priv Esc not in scope but good practice: | ||||||||||||||||||||||
26 | Devvortex | Access | Monteverde | ShadowGate | ||||||||||||||||||||||
27 | Irked | Mailing | Escape | Welcome (Assumed breach) | ||||||||||||||||||||||
28 | Popcorn | Heist | EscapeTwo (Assumed breach) | Arasaka (Assumed breach) | ||||||||||||||||||||||
29 | Bashed | Certified (Assumed breach) | Anomaly (harder / network) | |||||||||||||||||||||||
30 | Broker | Puppy (harder) | Lumon Industries (Assumed breach) | |||||||||||||||||||||||
31 | Silentium | Timelapse (harder) | 404 bank (Harder) | |||||||||||||||||||||||
32 | Networked | Signed (Assumed breach) | NovaCart (Harder) | |||||||||||||||||||||||
33 | UpDown | |||||||||||||||||||||||||
34 | Swagshop | ProLabs: | AWS (Not in the exam) | |||||||||||||||||||||||
35 | Nineveh | Dante | Sns_secrets | |||||||||||||||||||||||
36 | Pandora | Zephyr (harder) | Static | |||||||||||||||||||||||
37 | OpenAdmin | |||||||||||||||||||||||||
38 | Precious | AWS (Not in the exam) | ||||||||||||||||||||||||
39 | Busqueda | Epsilon | Update: | |||||||||||||||||||||||
40 | Monitored | Gobox | 4/19/2026 Silentium will replace Analytics in htb list | |||||||||||||||||||||||
41 | BoardLight | Bucket | 4/20/2026 Added Samurai to HackSmarter list | |||||||||||||||||||||||
42 | Magic | Facts | 5/3/2026 Added NovaCart to HackSmarter list | |||||||||||||||||||||||
43 | Help | 5/10/2026 Added ShadowGate to HackSmarter list | ||||||||||||||||||||||||
44 | Editorial | 5/15/2026 Added MartiniAD to HackSmarter list | ||||||||||||||||||||||||
45 | Builder | |||||||||||||||||||||||||
46 | Linkvortex | |||||||||||||||||||||||||
47 | UnderPass | |||||||||||||||||||||||||
48 | Dog | |||||||||||||||||||||||||
49 | Cctv | |||||||||||||||||||||||||
50 | ||||||||||||||||||||||||||
51 | Proving Grounds Practice | VulnLab / Hackthebox | ||||||||||||||||||||||||
52 | The real OSCP like boxes, this is just a list with the ones that are best practice and removing the overly complicated ones that are too out of scope and those that were boxes meant to be mostly for OSEP and OSED (example Kyoto and Nara) that were in TJNull list plus adding some new ones | VunLab is an amazing platform focused on red teaming, the platform recently joined hackthebox and vulnlab boxes will become available in hackthebox. For simplicity sake VulnLab and Hackthebox will keep being separate lists. | ||||||||||||||||||||||||
53 | Linux | Windows | Active Directory and Networks | Linux | Windows | Active Directory and Networks | ||||||||||||||||||||
54 | ClamAV | Kevin | Access | Sync | Escape | Baby | ||||||||||||||||||||
55 | Pelican | Internal | Nagoya | Data | Job | Baby2 | ||||||||||||||||||||
56 | Payday | Algernon | Hokkaido | Build | Job2 | Breach | ||||||||||||||||||||
57 | Snookums | Jacko | Vault | Forgotten | Lock | Sweep | ||||||||||||||||||||
58 | Bratarina | Craft | Bamboo | Sendai | ||||||||||||||||||||||
59 | Pebbles | Squid | Treat it like a small network | |||||||||||||||||||||||
60 | Nibbles | Nickel | SkillForge (Linux) | Chains: | ||||||||||||||||||||||
61 | Hetemit | MedJed | Trusted | |||||||||||||||||||||||
62 | ZenPhoto | Billyboss | Priv Esc not in scope but good practice: | Reflection | ||||||||||||||||||||||
63 | Nukem | Shenzi | Hutch | Hybrid | ||||||||||||||||||||||
64 | Cockpit | AuthBy | Resourced | Lustrous | ||||||||||||||||||||||
65 | Clue | Slort | ||||||||||||||||||||||||
66 | Extplorer | Hepet | Assumed Breach Scenarios: | |||||||||||||||||||||||
67 | Postfish | DVR4 | Heron (Chain) | |||||||||||||||||||||||
68 | Hawat | Mice | AWS (Not in the exam) | |||||||||||||||||||||||
69 | Walla | Monster | Pathway | |||||||||||||||||||||||
70 | PC | Fish | ||||||||||||||||||||||||
71 | Apex | Proving Grounds Play | ||||||||||||||||||||||||
72 | Sorcerer | |||||||||||||||||||||||||
73 | Sybaris | Mostly boxes from vulnhub hosted by offsec for free | ||||||||||||||||||||||||
74 | Peppo | Linux | Windows | |||||||||||||||||||||||
75 | Hunit | Amaterasu | Sams | |||||||||||||||||||||||
76 | Readys | Loly | ||||||||||||||||||||||||
77 | Astronaut | Potato | ||||||||||||||||||||||||
78 | Bullybox | Stapler | ||||||||||||||||||||||||
79 | Marketing | BBScute | ||||||||||||||||||||||||
80 | Exfiltrated | Gaara | ||||||||||||||||||||||||
81 | Fanatastic | Blogger | ||||||||||||||||||||||||
82 | QuackerJack | FunboxEasyEnum | ||||||||||||||||||||||||
83 | Wombo | GlasgowSmile | ||||||||||||||||||||||||
84 | Flu | |||||||||||||||||||||||||
85 | Roquefort | |||||||||||||||||||||||||
86 | Levram | |||||||||||||||||||||||||
87 | Mzeeav | |||||||||||||||||||||||||
88 | LaVita | |||||||||||||||||||||||||
89 | Xposedapi | |||||||||||||||||||||||||
90 | Zipper | |||||||||||||||||||||||||
91 | Workaholic | |||||||||||||||||||||||||
92 | Fired | |||||||||||||||||||||||||
93 | Scrutiny | |||||||||||||||||||||||||
94 | SPX | |||||||||||||||||||||||||
95 | Vmdak | |||||||||||||||||||||||||
96 | Mantis | |||||||||||||||||||||||||
97 | BitForge | |||||||||||||||||||||||||
98 | WallpaperHub | |||||||||||||||||||||||||
99 | Zab | |||||||||||||||||||||||||
100 | SpiderSociety | |||||||||||||||||||||||||