AI Summary: OSCP Tricks is a comprehensive resource designed to assist penetration testers preparing for the Offensive Security Certified Professional (OSCP) exam. It encompasses various techniques across critical areas such as information gathering, web application attacks, privilege escalation on both Linux and Windows systems, and more, supplemented with external links to useful tutorials and methodologies. Notable features include categorized attack vectors, detailed enumeration guides, and checklists to streamline the penetration testing process.

README

OSCP Tricks - Updated in 2026 - Welcome and good journey!

Trigger Tips

• Information Gathering
• Web Application Attacks
• Password Attacks
• Client-Side Attacks
• File Transfers
• Linux Enumeration and Privilege Escalation
• Windows Enumeration and Privilege Escalation
• Shell and Some Payloads
• Port Forwarding and Tunneling
• Active Directory

Other Tips

• Checklist - Linux Privilege Escalation - HackTricks
• Linux Privilege Escalation - HackTricks
• Checklist Windows Local Privilege Escalation - HackTricks
• Windows Local Privilege Escalation - HackTricks
• Active Directory Methodology - HackTricks
• Wordpress - HackTricks
• Drupal - HackTricks
• Joomla - HackTricks
• Tomcat - HackTricks
• Jenkins - HackTricks

Tutorials

• Information Gathering

  • Hack The Box Academy - Network Enumeration with Nmap
  • Hack The Box Academy - FootPrinting
  • Hack The Box Academy - Attacking Common Services
  • Hack The Box Academy - Information Gathering Web Edition
  • Try Hack Me - Walking An Application
  • Try Hack Me - Web Enumeration

• Web Application Attacks

  • Hack The Box Academy - Introduction to Web Applications
  • Hack The Box Academy - Web Attacks
  • Hack The Box Academy - File Inclusion
  • Hack The Box Academy - Abusing HTTP Misconfigurations
  • Hack The Box Academy - HTTP Attacks
  • Hack The Box Academy - SQL Injection Fundamentals
  • Hack The Box Academy - Blind SQL Injection
  • Hack The Box Academy - Advanced SQL Injection
  • Hack The Box Academy - Using Web Proxies
  • Hack The Box Academy - Attacking Web Applications with ffuf
  • Hack The Box Academy - Session Security
  • Hack The Box Academy - Attacking Authentication Mecanism
  • Hack The Box Academy - Web Service & API Attacks
  • Hack The Box Academy - Broken Authentication
  • Hack The Box Academy - File Upload Attacks
  • Hack The Box Academy - Whitebox Pentesting 101: Command Injection
  • Hack The Box Academy - Command Injections
  • Hack The Box Academy - Cross-Site Scripting (XSS)
  • Hack The Box Academy - Server-Side Attacks
  • Hack The Box Academy - Introduction to NoSQL Injection
  • Hack The Box Academy - Introduction to Deserialization Attacks
  • Try Hack Me - SQL Injection
  • Try Hack Me - SQL Injection Lab
  • Try Hack Me - Authentication Bypass
  • Try Hack Me - IDOR
  • Try Hack Me - SSRF
  • Try Hack Me - File Inclusion
  • Try Hack Me - Cross-Site Scripting
  • Try Hack Me - Command Injection
  • Try Hack Me - Upload Vulnerabilities
  • Try Hack Me - Bypass Disable Functions
  • PortSwigger Web Security Academy - SQL Injection
  • PortSwigger Web Security Academy - Cross-Site Scripting
  • PortSwigger Web Security Academy - XML external entity (XXE) injection
  • PortSwigger Web Security Academy - OS command injection
  • PortSwigger Web Security Academy - Server-side template injection
  • PortSwigger Web Security Academy - Directory traversal
  • PortSwigger Web Security Academy - Access control vulnerabilities
  • PortSwigger Web Security Academy - Information Disclosure
  • PortSwigger Web Security Academy - File upload vulnerabilities
  • PortSwigger Web Security Academy - Authentication
  • PortSwigger Web Security Academy - JWT attacks
  • PortSwigger Web Security Academy - CSRF
  • PortSwigger Web Security Academy - SSRF
  • PortSwigger Web Security Academy - Business logic vulnerabilities
  • PentesterLab - From SQL Injection to Shell
  • PentesterLab - From SQL injection to Shell II
  • PentesterLab - From SQL injection to Shell III
  • PentesterLab - SQL Injection 01
  • PentesterLab - SQL Injection 02
  • PentesterLab - SQL Injection 03
  • PentesterLab - SQL Injection 04
  • PentesterLab - SQL Injection 05
  • PentesterLab - SQL Injection 06
  • PentesterLab - XSS and MySQL FILE
  • PentesterLab - RCE via argument injection - PentesterLab
  • PentesterLab - Server Side Template Injection 01
  • PentesterLab - Server Side Template Injection 02
  • PentesterLab - Express Local File Read
  • PentesterLab - PHP Include And Post Exploitation
  • PentesterLab - File Include 01
  • PentesterLab - File Include 02
  • PentesterLab - File Upload 01
  • PentesterLab - File Upload 02
  • PentesterLab - CVE-2021-33564 Argument Injection in Ruby Dragonfly
  • PentesterLab - CVE-2014-6271/Shellshock

• Shells & Payloads

  • Hack The Box - Shells & Payloads

• Linux Enumeration and Privilege Escalation

  • Try Hack Me - Linux: Local Enumeration
  • Try Hack Me - Enumeration
  • Try Hack Me - Linux PrivEsc
  • Try Hack Me - Linux Privilege Escalation
  • Hack The Box Academy - Linux Privilege Escalation

• Windows Enumeration and Privilege Escalation

  • Hack The Box Academy - Windows Privilege Escalation
  • Try Hack Me - Enumeration
  • Try Hack Me - Windows PrivEsc
  • Try Hack Me - Windows PrviEsc Arena

• File Transfers

  • Hack The Box Academy - File Transfers

• Public Exploits (Localizing, Code Review, Improvements)

  • Try Hack Me - Vulnerabilities 101
  • Try Hack Me - Exploit Vulnerabilities
  • Try Hack Me - Vulnerability Capstone
  • Try Hack Me - Intro PoC Scripting

• Port Forwarding and Tunneling

  • Hack The Box Academy - Pivoting, Tunneling, and Port Forwarding
  • Try Hack Me - Wreath

• Active Directory

  • Hack The Box Academy - Introduction to Active Directory
  • Hack The Box Academy - Active Directory Enumeration Attacks
  • Hack The Box Academy - Active Directory LDAP
  • Hack The Box Academy - Active Directory PowerView
  • Hack The Box Academy - Active Directory BloodHound
  • Hack The Box Academy - Kerberos Attacks
  • Hack The Box Academy - Using crackmapexec
  • Hack The Box Academy - Password Attacks
  • Hack The Box Academy - Attacking Enterprise Networks
  • Try Hack Me - Active Directory Basics
  • Try Hack Me - Attacktive Directory
  • Try Hack Me - Attacking Kerberos
  • Try Hack Me - Breaching Active Directory
  • Try Hack Me - AD Enumeration
  • Try Hack Me - Lateral Movement and Pivoting
  • Try Hack Me - Exploiting Active Directory
  • Try Hack Me - Post-Exploitation Basics
  • Try Hack Me - HoloLive

• Pentest Report

  • Hack The Box Academy - Documentation & Reporting

Machines List

As you go through the list of machines, remember the changes that have occurred in the exam and disregard what has come out of the exam since the last relevant change. PEN-200 (PWK): Updated for 2023

• Lainkusanagi OSCP Like
• TJ_Null’s OSCP Prep - Youtube
• HackTheBox - Active Directory machines (OSCP) - Youtube
• Hack the Box - Forest - Active Directory - Youtube
• Beco do Exploit - Hack 30 machines in 30 days! - Youtube

-> Platforms

• PEN-200 (PWK)
• PG Practice
• Hack The Box
• Try Hack Me
• Vulnhub

Overview and Articles

• From Doubt to OSCP: My 5-Month Journey, First Failure, and Final Win - Omar Tamer
• My Journey to OSCP/OSCP+ exam - Bikram kharal
• OSCP+ Preparation Guide 2026: Complete Roadmap to Pass First Try - Hackerdna
• Conquering the OSCP+: A Guide to the Mental Marathon - Joshua Alwin
• My OSCP+ Journey Through Try Harder Concept (Failed, Failed, then Passed) - Yoga Bayu Aji Pranawa
• What the OSCP Really Tests (And What It Taught Me) - Payge W.
• Mastering OSCP+ in 2025–26 The Updated Exam, My Fails, Wins & how you can do it! - zeroDaykt
• Getting the Most Value Out of the OSCP: After the Exam - Kieran Croucher
• OSCP EXPERIENCE AND PREPARATION 2025 - Chidurala Tharun teja
• OSCP Mindset - Dave Probert
• My 3-Month Journey to Passing the OSCP on the First Try - KingOfPiratez
• OSCP+ what I learned & what matters most - real redinna
• How I Achieved 100 Points in OSCP in Just 3–4 Months — My 2025 Journey - Got Root?
• My OSCP Preparation and Exam Experience - Berkay Çarıkçıoğlu
• How I Conquered OSCP+ in 5 Months - Rahul Ravishankar
• My Journey to OffSec Certified Professional+ (OSCP+): from zero to hero - Ramazan
• The day I pass OSCP Exam | My OSCP Journey 2024 - Chananya Choosak
• My OSCP exam experience — The most intense 48 hours of my life! - Vineeth Jagadeesh
• The World’s First OSCP+ Exam Review - Tunahan TEKEOGLU
• Mastering the OSCP: A Comprehensive Guide to Preparation - Very Lazy Tech
• OSCP+: Step-by-Step Guide to Success - Astik Rawat
• How I passed the OSCP - nr_4x4
• OSCP 2024: A New Era in Cybersecurity Certification - MatSec
• OSCP: What Changed in 2024? - Motasem Hamdan
• My OSCP Journey in 2024: Learning How to Learn and Mastering the Art of Studying - Rian Friedt
• OSCP in 2024. My journey. - Dante
• How I passed my OSCP in 2024 - Suvam Adhikari
• How I passed OSCP+ in 2024 - Ruben Sousa
• OSCP 2024 Review - Cupochino
• OSCP 2023 version — A Small write-up on preparation and my exam experience - Neelamegha Kannan S
• Overview OSCP - rodolfomarianocy
• The road to OSCP in 2023 - Thexssrat
• Beginner’s To OSCP 2023- Daniel Kula
• OSCP Reborn - 2023 Exam Preparation Guide - johnjhacking
• OffSec OSCP Review & Tips (2023)- James Billingsley
• 2023 OSCP STUDY GUIDE (NEW EXAM FORMAT) - JOHN STAWINSKI IV
• The Journey to Becoming an OSCP - 0xBEN
• Exame OSCP - Jornada e Dicas - DECRIPTO SEC
• OSCP — Cracking The New Pattern - Jai Gupta

• For those who are old school and still don’t know: Buffer Overflows have been removed from the PEN-200 material and the OSCP exam since 2023, making it no longer necessary to study them.

Template Report

• OSCP Exam Report - OffSec
• OSCP Exam Report Template Markdown - noraj

Exam Guide

• OSCP+ Exam Guide - OffSec

Good preparation ;)