OSCP Blog Series – List of Exercises and Extra Miles Exercises in OSCP

OSCP Blog List of exercises in OSCP 2

OSCP Blog List of exercises in OSCP 2

Well as I explained the importance of Lab reporting in my previous post, the reporting requires lot of effort as we need to cover all the exercises , extra mile exercises and minimum 10 Lab machines in that. This is worth doing as 5 marks from OSCP Lab Reporting makes a huge difference in OSCP result sometime as well as have other benefits which I have clearly explained in my previous post.  The PWK 2.0 have 104 exercises and 1 Extra mile exercise. In this post I am going to publish a list of exercises and extra mile exercise for ease of the student so that they can get a basic idea of the effort required in reporting and plan their course execution accordingly.

Note: I will not post any technical details about the exercises as this is against the Offensive Security policy. I will only list down the exercises with the exercise number and module name so that you can easily refer this list during your course.

You can refer all the module names from the OSCP syllabus which is publicly available at :

https://www.offensive-security.com/documentation/penetration-testing-with-kali.pdf

Based on the modules listed in the above OSCP syllabus, I will list the exercises and extra mile exercises.

 

Module – Penetration Testing with Kali Linux: General Course Information
Exercise – None

Module – Getting Comfortable with Kali Linux
Exercise – 2.4.3.4

Module – Command Line Fun
Exercises –
3.1.3.2
3.2.5.1
3.3.5.1
3.5.3.1
3.6.3.1
3.7.2.1
3.8.3.1
3.9.3.1

Module – Practical Tools
Exercises –
4.2.4.1
4.3.8.1
4.4.5.1
4.5.3.1

Module – Bash Scripting
Exercise – 5.7.3.1

Module – Passive Information Gathering
Exercises –
6.3.1.1
6.4.1.1
6.5.1.1
6.7.1.1
6.12.1.1
6.13.2.1

Module – Active Information Gathering
Exercises –
7.1.6.3
7.2.2.9
7.3.2.1
7.4.2.1
7.5.1.1
7.6.3.6

Module – Vulnerability Scanning
Exercises –
8.2.4.2
8.2.5.2
8.2.6.1
8.3.1.1

Module – Web Application Attacks
Exercises –
9.3.4.1
9.4.1.3
9.4.2.5
9.4.3.2
9.4.4.5
9.4.4.7
9.4.4.10
9.4.5.4
9.4.5.9
9.4.5.11
9.4.5.13

Module – Introduction to Buffer Overflows
Exercise – 10.2.5

Module – Windows Buffer Overflows
Exercises –
11.1.1.2
11.2.3.1
11.2.5.1
11.2.7.1
11.2.9.1
11.2.10.1
11.2.10.2 – Extra Mile Exercise

Module – Linux Buffer Overflows
Exercises –
12.2.1.2
12.3.1.1
12.5.1.1
12.6.1.1
12.7.1.1

Module – Client-Side Attacks
Exercises –
13.2.2.1
13.3.2.1
13.3.3.1
13.3.4.1

Module – Locating Public Exploits
Exercise – 14.3.1.1

Module – Fixing Exploits
Exercises –
15.1.3.1
15.1.4.1
15.1.5.1
15.1.6.1
15.1.7.1
15.2.3.1
15.2.4.1

Module – File Transfers
Exercise – None

Module – Antivirus Evasion
Exercises –
17.3.3.2
17.3.3.4

Module – Privilege Escalation
Exercises –
18.1.1.13
18.1.2.1
18.2.3.2
18.2.4.1
18.3.2.1
18.3.3.1

Module – Password Attacks
Exercise – 19.4.2.1

Module – Port Redirection and Tunneling
Exercises –
20.1.1.1
20.2.1.1
20.2.2.2
20.2.3.1
20.3.1.1
20.4.1.1
20.5.1.1

Module – Active Directory Attacks
Exercises –
21.2.1.1
21.2.2.1
21.2.3.1
21.2.4.1
21.2.5.2
21.3.3.1
21.3.4.1
21.3.5.1
21.4.2.1
21.4.3.1
21.4.4.1
21.5.1.1

Module – The Metasploit Framework
Exercises –
22.1.3.1
22.2.1.1
22.3.3.2
22.3.7.1
22.4.1.1
22.5.4.1
22.6.1.1

Module – PowerShell Empire
Exercises –
23.1.3.1
23.3.1.1

Module – Assembling the Pieces: Penetration Test Breakdown
Exercises –
24.2.2.2
24.5.1.1

 

 

Author: Yogesh Prasad

Information Security Professional | Cyber Security Expert | Ethical Hacker | Founder – Hackers Interview

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe Us