https://cyberquestor.com/tags/prep/Recent content in Prep on thecyberquestorHugoenMon, 20 Apr 2026 00:00:00 +0000https://cyberquestor.com/oscp/prep-strategy/Mon, 20 Apr 2026 00:00:00 +0000https://cyberquestor.com/oscp/prep-strategy/<h1 id="prep-strategy">prep strategy</h1> <p>What to study, in what order, and why. Full breakdown coming — here&rsquo;s the TL;DR.</p> <h2 id="the-ordered-stack">the ordered stack</h2> <ol> <li><strong>Foundations</strong> — Linux CLI, networking basics, bash + Python</li> <li><strong>Web</strong> — OWASP top 10, Burp Suite, PortSwigger labs</li> <li><strong>Enumeration</strong> — nmap, gobuster, methodology obsession</li> <li><strong>Exploitation</strong> — public exploits, Metasploit (and then <em>without</em> Metasploit)</li> <li><strong>Privilege escalation</strong> — Linux <em>and</em> Windows. Separately. Deeply.</li> <li><strong>Active Directory</strong> — Kerberos attacks, BloodHound, lateral movement</li> <li><strong>Buffer overflows</strong> — not on the modern exam, but worth understanding</li> </ol> <h2 id="the-8020">the 80/20</h2> <p>If you only do one thing: <strong>own a lot of boxes, take obsessive notes</strong>. PG Practice + HTB retired boxes got me further than any course.</p>