Core Tool Arsenal for OSCP

Core Tool Arsenal for OSCP

Kali Linux provides the foundational platform containing most necessary tools, but customization and additions optimize efficiency. Essential enumeration tools include Nmap for port scanning, Gobuster and Feroxbuster for web directory enumeration, enum4linux for SMB enumeration, and snmpwalk for SNMP investigation. Master these tools' advanced features rather than memorizing basic syntax—understanding enables adaptation when standard approaches fail.

Exploitation tools permitted in OSCP require careful selection given Metasploit restrictions. SearchSploit provides offline access to Exploit-DB, enabling rapid vulnerability research. Compile a collection of manual exploits for common services, modifying as needed for specific targets. Python and bash scripting abilities prove invaluable for exploit modification and custom tool development. Focus on understanding exploitation rather than collecting tools.

Post-exploitation tools enhance privilege escalation and lateral movement capabilities. Linux enumeration scripts like LinPEAS and LinEnum accelerate privilege escalation discovery. Windows equivalents include WinPEAS and PowerUp. Maintain multiple transfer methods—Python HTTP servers, SMB shares, and base64 encoding—as restrictive environments require creative file movement. Build personal script collections addressing common scenarios.

Documentation tools significantly impact exam success through efficient note-taking and reporting. CherryTree provides hierarchical note organization ideal for multiple target tracking. Obsidian offers markdown-based notes with powerful linking capabilities. Develop consistent screenshot naming conventions and folder structures before the exam. Prepare report templates adapting successful previous submissions rather than creating from scratch under pressure.