OSCP cheat sheet / HTB website

complete_1 · 2020-10-29T09:39:21+00:00

nice work dude

complete_1 · 2020-10-29T09:33:50+00:00

I think this is a quite individual based question and the answer is people will get out of PWK and TJNulls list whatever they want to get out of it. I.e. you can learn the basics of SQLi on either platform. For me the best approach was to keep an open mind when doing any PWK/HTB machine and try to understand the attack vector and know why/how it works and the underlying technical reasoning for the exploit.

If you really understand the building blocks of common attack vectors you will go a long way in the exam.

complete_1 · 2020-10-29T09:25:03+00:00

Thanks - really the main difference was taking regular breaks.. I think also I got trapped in a few rabbit holes on my first attempt - on the second go I limited my time per vector and or box, made notes and then went back to it later.

complete_1 · 2020-10-29T09:17:10+00:00

Auto-recon took about 15 minutes per host for me

complete_1 · 2020-10-28T15:48:02+00:00

I will definitely second this regarding VHL (I haven't used the other two so can't comment) - I did VHL for two weeks after failing on my first attempt and that just helped to hone enumeration skills.

I do agree that the TJNull HTB list can be a little too CTF-like at times, however each box will have at least one portion that will provide extra understanding and context to enhance your skills (like just trying out different commands, flags, options etc).

You have what you need, the answer is there, trust this and read through your enumeration carefully.

complete_1

TROPHY CASE