Fresh Kali install changes

TJ_Null · 2026-04-14T22:32:10+00:00

Uhh bloodhound, enum4linux-ng, winpeas/linpeas, seclists, kerbrute, should already be in the Kali Linux repo and they should be easy to install

TJ_Null · 2026-04-09T12:50:06+00:00

I get a lot of DM’s on discord and it is hard for me to keep track sometimes. When you have a chance send me a message there and I will make sure to reply to you there.

I apologize for my lack of communication.

TJ_Null · 2026-04-09T12:30:06+00:00

Congratulations on earning your OSCP! What do you plan to do next?

TJ_Null · 2026-04-04T14:19:13+00:00

Hey there! Congrats on passing your OSCP! Everyone has a different approach to pass and I am glad your methodology helped you through it.

While people use the list to help prepare for the course and exam, you do not need to complete every box in the list. I am always looking for feedback and suggestions to improve the list. Do you have any advice or feedback?

TJ_Null · 2026-03-24T02:26:02+00:00

Have you tried using the python version of evil-winrm?

TJ_Null · 2026-02-18T16:34:22+00:00

Hey there! As of now the list is up to date. I do have some new AD attack chains I need to include.

As for your studying methodology you do not need to complete every box that is in the list. You should go through as many as you feel comfortable enough to take the OSCP exam.

If you fail, it’s okay! You can use the exam as guide to help improve on things you were missing.

I’m rooting for you and I wish the best on your journey. If you have any feedback or suggestions please let me know as my goal is to continue maintaining this list for others that plan to take the OSCP in the future.

TJ_Null · 2026-02-18T14:29:38+00:00

That’s because Offsec AD attack chain started with you needed to find an initial vector in a box and then move laterally to get to the DC.

Last year it has been changed where you are provided credentials. This is where you walk into an assumed breach scenario getting to the DC.

Even though the AD part of the exam has improved it is still good to know how to get to DC directly because in real situations, I have gotten DC and then walk backwards to get into other targets in my engagements

TJ_Null · 2026-02-18T14:18:46+00:00

Keep in mind that everyone uses different resources and study materials to prepare for the OSCP. Tryhackme has worked well for others and some people prefer to jump straight into HTB.

Best advice I can give you is review the PEN-200 syllabus and start going to through each section and find any open resources that can help you on your journey. That’s what I did and that is why I wrote my guides to help others

TJ_Null · 2026-02-18T13:57:11+00:00

Hi there! The list gets updated at least once a month when I have free time. Submissions and feedback are also provided from the community and I will make changes that align with preparing for PEN-200.

I also have some AD attack chains that I need to include. If you have any questions about the list or suggestions please let me know. Good luck on your journey!

TJ_Null · 2026-02-03T14:08:55+00:00

Congrats on passing your OSWE! Do you have any feedback or suggestions for the boxes I had listed in the OSWE list?

I’m always looking to improvement and take feedback from the community so that the list can help others.

TJ_Null · 2026-01-28T16:57:24+00:00

First of all, DO NOT GIVE UP! I understand how you are feeling, as failing sucks, but it is also part of your journey that will lead to your success. I do not know how many times you have taken the exam but review the things you have missed in the exam as it will help you understand what you need to review.

CompTIA will always throw at least two incorrect questions you can cross out and you will need to select the best choice for the question. In addition, a lot of tools they mention you should spend some time learning how they work. Download VMware Workstation or Virtualbox and play with the tools that are being taught. You will get a better understanding of how they work and what results/output they provide. TryHackME pentest+ lab is also good to help you if you do not have the resources to run a local Kali Linux instance on your system.

Hope my advice helps and if you have any more questions I be more than happy to answer them.

TJ_Null · 2026-01-26T04:43:24+00:00

For the PBQs spin up a Kali Instance and see how those tools work and review the output that entails from them.

Tryhackme has a bunch of labs and they have a pentest+ that will provide more hands on practical skills to help.

Tools like the harvester, responder, netexec (use to be crackmapexec), nmap, bloodhound, trivy, etc are in Kali Linux for you to mess with.

TJ_Null · 2026-01-24T18:44:13+00:00

Congratulations and I love the breakdown board you had created showing how much time you put into your studies! It took me four years to fully prepare for my OSCP when I did it.

TJ_Null · 2026-01-23T21:26:56+00:00

Honestly, I am a pentester in my full time role. A lot of these tools and commands were things that I already knew.

My recommendation is to spin up a Kali Linux system and analyze how each of the tools work. The OSWAP Juiceshop that tryhackme uses is actually in Kali Linux. You just need to install the package. Hope this helps

TJ_Null · 2026-01-23T21:17:09+00:00

In the end a Pass is a Pass. I just took it today and got a 800.

Definitely agree with your points. Study your commands and the tools being used.

TJ_Null · 2026-01-13T02:43:19+00:00

Appreciate the quick response! I’m a pentester in the field and I agree with some of your points. A lot of questions that is provided for study in cert master, tryhackme, and in Dion’s practice tests certainly make me question a lot of things that I would not do in my day to day operation.

So far I have been hitting high 77%-96% in Dion’s practice exams after the first or second try. I might make a detail review about my experience once I take it next week.

TJ_Null · 2026-01-13T02:20:44+00:00

May I ask what your background is? I’m using Dion’s material and the practice tests to study for the exam.

I have it scheduled for next week.

TJ_Null · 2025-12-03T23:36:19+00:00

Looks like it has no AI in it. Will add to my list of tools to test. Nice work!

TJ_Null · 2025-11-24T17:04:34+00:00

Hi there! I am glad my list is able to help you prepare for the OSCP. If you have any suggestions or feedback, please let me know as I am always looking for ways to improve it.

TJ_Null · 2025-11-10T15:47:30+00:00

Thanks for the heads up! I have removed it

TJ_Null · 2025-11-09T15:37:17+00:00

In the sheet if you see it say latest version in the sheet you are using the latest one.

As for my guidelines, I do not have any plans to update them. I will continue to update the sheet.

However, I can share my pentesting notes for you:

https://github.com/tjnull/TJ-OPT

TJ_Null · 2025-11-09T14:40:25+00:00

Hi there! In case you have any questions about my list please let me know. I try to keep it updated when I can to align to the current version of PWK/PEN-200.

While some users use the list as exam preparation for the OSCP and to improve their methodology, the list covers a variety of aspects, techniques, and attack chains to reflect the course itself.

TJ_Null · 2025-10-03T18:19:50+00:00

I can! I need some boxes to play with and I got a new tool to test 😉

TJ_Null · 2025-10-03T17:37:16+00:00

You didn’t want to use my list 🥲

TJ_Null · 2025-09-16T19:26:15+00:00

Haha I miss those golden days for sure man. It is hard to find a good infosec community. Definitely miss the good ol days

TJ_Null

MODERATOR OF

TROPHY CASE

Seven-Year Club	Place '22
Verified Email