My OSCP Methodology guide

My OSCP Methodology guide

Follow on twitter:

Screenshot from git site.

I’ve recently completed my OSCP exam and thought good of sharing the methodology I’ve compiled from various sources. I’ve taken at least 30 days of lab time and so far this is one of the most challenging and rewarding exams.

I’ve used OneNote during my exam, however, recently ported my methodology to SwiftnessX (, a brilliant tool for penetration testers. The methodology will be released as part of the upcoming SwiftnessX version as part of the standard libraries.

I’ve included a screenshot of SwiftnessX just to show how amazing it is.

Screenshot from git site.

OSCP Methodology



The checklist aim to assist OSCP students with a baseline methodology for the labs and exam environments. Perform each check and paste the results underneath each command table. The commands which need to be changed is highlighted during each step.


  • Scanning
  • Enumeration
  • Exploitation
  • Privilege Escalation
  • Flags
  • Post Exploitation

Non OSCP machines

Some CTF machines you can practice on before taking the OSCP challenge.

  • Kioptrix: Level 1
  • Kioptrix: Level 1.1
  • Kioptrix: Level 1.2
  • Kioptrix: Level 1.3
  • FristiLeaks: 1.3
  • Stapler: 1
  • PwnLab: init
  • Pluck: 1
  • W1R3S: 1.0.1
  • Kioptrix: 2014
  • Brainpan: 1 (Part 1 of BO is relevant to OSCP only)
  • Mr-Robot: 1
  • HackLAB: Vulnix
  • VulnOS: 2
  • SickOs: 1.2
  • /dev/random: scream
  • pWnOS: 2.0
  • SkyTower: 1
  • IMF
  • Lord of the Root 1.0.1
  • Tr0ll
  • Pegasus
  • SkyTower
  • Metasploitable 3
  • Devel, Optimum, Bastard, Grandpa and Blue from Hack The Box.


I’ve created a copy of the methodology on Dropbox Paper:

Hold out until the new version of SwiftnessX release, the methodology will surely be included. Feel free to contact me for changes or additions.

Leave a Reply

Your email address will not be published. Required fields are marked *