| A | B | C | D | E | F | G | H | I | |
|---|---|---|---|---|---|---|---|---|---|
1 | LainKusanagi list of OSCP like machines | ||||||||
2 | >Whoami | >What is this list for | |||||||
3 | -Before and while doing PEN 200 course and after failing my first attempt I completed multiple machines in multiple hacking platforms. -I did all the PEN 200 course along with all the challenge labs that where introduced in the 2023 version of the PEN 200 (including the challenge lab network other people skip). -I failed my first attempt with 60 points and then passed my second attempt with 90 points. I experienced completely different exam sets in each attempt. -All of this experience gave me a good sense of what is OffSec style of boxes and what is important to know in the exam Have feedback or suggestions? Let me know here: https://x.com/unknownseeker99 https://www.linkedin.com/in/luis-moret-4a42ab246/ https://www.reddit.com/user/JosefumiKafka/ | -This is a list of machines I consider good for practice before doing the PEN 200 course, challenge labs and OSCP exam however this is not a replacement for the actual course and I recommend you to go through all of the course, exercises and challenges before attempting the exam. -The machines in this list where selected because either they teach important techniques and concepts found in the course and labs, have similar style to machines made by offsec or where in a way crucial to helping me develop my methodology and help me pass my exam. -This list overlaps a lot with the famous TJ Null list however it also filters out boxes that may be too outside of the scope of the PEN 200 and OSCP exam and includes boxes from other hacking platforms such as Tryhackme and VirtualHackingLabs, still I added some boxes in this list that may have elements harder than OSCP but I believe are worth doing as they may have some other aspect that is crucial to know and practice | |||||||
4 | OSCP EXAM WILL UNDERGO CHANGES ON NOVEMBER!! THIS LIST MAY CHANGE IN THE FUTURE BE SURE TO KEEP UPDATED WITH NEWS FROM OFFSEC | ||||||||
5 | What you may need to know for Assumed Breach AD: https://www.reddit.com/r/oscp/comments/1f5ojaq/assumed_breach_ad_what_you_may_need_to_know/ | ||||||||
6 | Hackthebox | Tryhackme | |||||||
7 | Start learning to Try harder here. Don’t fully skip hackthebox some boxes have important concepts that are rare even in PG practice like SNMP and Keepass also AD ones are pretty good practice even if harder than OSCP in some ways. At the very least watch ippsec videos and take notes | More guided and friendly approach for some rooms but still great boxes and rooms for prep. Active Directory ones here are very good practice for the OSCP. | |||||||
8 | Linux | Windows | Active Directory and Networks | Linux | Windows | Active Directory and Networks | Other recommended rooms | ||
9 | Sea | Jerry | Active | Mr Robot | Steel Mountain | Attacktive Directory | SQL Injection Lab | ||
10 | Nibbles | Netmon | Forest | Thompson | Year of the Owl | Attacking Kerberos | Linux Privilege Escalation | ||
11 | Solidstate | Servmon | Sauna | Kenobi | Retro | Wreath Network | Windows Privilege Escalation | ||
12 | Poison | Chatterbox | Monteverde | GameZone | Alfred | Git Happens | |||
13 | Knife | Jeeves | Timelapse | Skynet | Relevant | Assumed Breach Scenarios: | NahamStore | ||
14 | Sunday | Sniper | Flight | Daily bugle | Blueprint | Corp | |||
15 | Keeper | Querier | Return | Lazy admin | Hackpark | Lateral Movement and Pivoting | |||
16 | Pilgrimage | Acute | Blackfield | Tomghost | Weasel | Exploiting Active Directory | |||
17 | Cozyhosting | Bounty | Cicada | Rootme | AllSignsPoint2Pwnage | ||||
18 | Codify | Artic | CMesS | Anthem | |||||
19 | Tartarsauce | Remote | ProLabs: | Ultratech | |||||
20 | Jarvis | Buff | Dante | Internal | |||||
21 | Tabby | Love | Zeno | ||||||
22 | Usage | Secnotes | Boiler CTF | ||||||
23 | Mentor | Access | Wonderland | ||||||
24 | Devvortex | Mailing | |||||||
25 | Irked | Update: | |||||||
26 | Popcorn | 9/20/2024 VulnLab list completed | |||||||
27 | Bashed | 9/25/2024 Vault added back to pg practice, I guess GPOs are in scope now | |||||||
28 | Broker | 9/28/2024 Added Cicada to htb list | |||||||
29 | Analytics | 10/1/2024 Added Builder to htb list | |||||||
30 | Networked | 10/13/20234 Added SPX to pg practice list | |||||||
31 | UpDown | ||||||||
32 | Swagshop | ||||||||
33 | Nineveh | ||||||||
34 | Pandora | ||||||||
35 | OpenAdmin | ||||||||
36 | Precious | ||||||||
37 | Busqueda | ||||||||
38 | Monitored | ||||||||
39 | BoardLight | ||||||||
40 | Magic | ||||||||
41 | Help | ||||||||
42 | Editorial | ||||||||
43 | Builder | ||||||||
44 | |||||||||
45 | Proving Grounds Practice | Virtual Hacking Labs | |||||||
46 | The real OSCP like boxes, this is just a list with the ones that are best practice and removing the overly complicated ones that are too out of scope and those that were boxes meant to be mostly for OSEP and OSED (example Kyoto and Nara) that were in TJNull list plus adding some new ones | Very under rated platform with very OSCP like machines, people that have used it really recommend it for OSCP including me. It has been very crucial help for those that have failed attempts to be able to pass and they are good practice for standalones. | |||||||
47 | Linux | Windows | Windows Active Directory | Linux | Windows | ||||
48 | ClamAV | Kevin | Access | Techblog | Steven | ||||
49 | Pelican | Internal | Resourced | Backupadmin V2 | Aaron | ||||
50 | Payday | Algernon | Nagoya | Web01-Dev V2 | Anthony | ||||
51 | Snookums | Jacko | Hokkaido | Web01-Prd V2 | Jennifer | ||||
52 | Bratarina | Craft | Hutch | Forum | WinAS01 | ||||
53 | Pebbles | Squid | Vault | Quick | AS45 | ||||
54 | Nibbles | Nickel | Tiki | Trace | |||||
55 | Hetemit | MedJed | Helpdesk V2 | React | |||||
56 | ZenPhoto | Billyboss | VPS1723 V2 | ||||||
57 | Nukem | Shenzi | CMS02 V2 | ||||||
58 | Cockpit | AuthBy | Records | ||||||
59 | PyLoader | Slort | Trails | ||||||
60 | Clue | Hepet | Dolphin V2 | ||||||
61 | Extplorer | DVR4 | Crash | ||||||
62 | Postfish | Natural | |||||||
63 | Hawat | Mantis | |||||||
64 | Walla | Fed V2 | |||||||
65 | PC | CMS01 | |||||||
66 | Apex | Tracking | |||||||
67 | Sorcerer | JS01 | |||||||
68 | Sybaris | PBX | |||||||
69 | Peppo | Code V2 | |||||||
70 | Hunit | Teamspeak | |||||||
71 | Readys | CMS101 | |||||||
72 | Astronaut | FW01 | |||||||
73 | Bullybox | Core | |||||||
74 | Marketing | Websrv01 | |||||||
75 | Exfiltrated | Mon02 | |||||||
76 | Fanatastic | Graphs01 | |||||||
77 | QuackerJack | PM V2 | |||||||
78 | Wombo | Tracker | |||||||
79 | Flu | ||||||||
80 | Roquefort | ||||||||
81 | Levram | ||||||||
82 | Mzeeav | ||||||||
83 | LaVita | ||||||||
84 | Xposedapi | ||||||||
85 | Zipper | ||||||||
86 | Ochima | ||||||||
87 | Fired | ||||||||
88 | Scrutiny | ||||||||
89 | SPX | ||||||||
90 | |||||||||
91 | Proving Grounds Play | VulnLab | |||||||
92 | Mostly boxes from vulnhub hosted by offsec for free | Platform with realistic scenarios, really good for learning Windows and AD exploitation. | |||||||
93 | Linux | Linux | Windows | Active Directory and Networks | |||||
94 | Amaterasu | Sync | Escape | Baby | |||||
95 | Loly | Data | Job | Baby2 | |||||
96 | Potato | Build | Job2 | Breach | |||||
97 | Stapler | Phantom | |||||||
98 | BBScute | Sweep | |||||||
99 | Gaara | ||||||||
100 | Blogger | Chains: | |||||||
101 | Trusted | ||||||||
102 | Reflection | ||||||||
103 | Hybrid | ||||||||
104 | Lustrous | ||||||||
| A | B | C | D | E | F | G | H | I | |
|---|---|---|---|---|---|---|---|---|---|
1 | LainKusanagi list of Post-OSCP Red Teaming Machines | ||||||||
2 | >Work in Progress | ||||||||
3 | |||||||||
4 | |||||||||
5 | Hackthebox | ||||||||
6 | Linux | Windows | Active Directory and Networks | ||||||
7 | ScriptKiddie | Querier | Sauna | ||||||
8 | Aero | Forest | |||||||
9 | Mailing | Intelligence | |||||||
10 | Atom | Cascade | |||||||
11 | Compiled | Monteverde | |||||||
12 | Acute | Blackfield | |||||||
13 | Return | ||||||||
14 | Timelapse | ||||||||
15 | StreamIO | ||||||||
16 | Office | ||||||||
17 | Freelancer | ||||||||
18 | Blazorized | ||||||||
19 | Manager | ||||||||
20 | |||||||||
21 | ProLabs: | ||||||||
22 | Zephyr | ||||||||
23 | |||||||||