# External Resources ### More Lab Practice * [Offensive Security Proving Grounds (Practice)](https://www.offensive-security.com/labs/individual/) - At $20/month, Proving Grounds Practice was the best external resource I encountered to simulate like boxes. I also found it to be much more helpful than the course labs for the following reasons: * Boxes designed and vetted by Offensive Security that mirror the exam boxes, both difficulty rating and techniques required. * Dedicated (i.e. not shared like OSCP labs) * Clear difficulty rating of easy, medium, and hard. These ratings were in line with the exam boxes I encountered. * Box hints for initial access and privilege escalation that don't give the answer away but give direction of what to focus on. * Box walkthroughs which I found to be much more helpful than the Offensive Security forums. The walkthroughs are very thorough and helped me understand why I missed something. ### Buffer Overflow * [Tib3rius Buffer Overflow Pentest Cheatsheet](https://github.com/Tib3rius/Pentest-Cheatsheets/blob/master/exploits/buffer-overflows.rst) - Learn to use the Mona Immunity debugger, which saves a lot of time in testing for badchars. * [Tib3rius' TryHackMe buffer overflow prep room](https://tryhackme.com/room/bufferoverflowprep) - This room provides 10 buffer overflow challenges that are very similar to the buffer overflow encountered on the exam. ### Windows and Linux Privilege Escalation * Tib3rius has created the following Udemy courses for $20 each and they are well worth the money. The OffSec coursework touches on both Linux and Windows privesc but the Udemy courses cover most all privesc techniques likely to be required in the exam. * [Windows Privilege Escalation for OSCP & Beyond!](https://www.udemy.com/course/windows-privilege-escalation/) * [Linux Privilege Escalation for OSCP & Beyond!](https://www.udemy.com/course/linux-privilege-escalation/) ### Pentesting Techniques/Resources * [Books.hacktricks.xyz](https://book.hacktricks.xyz/) ### Shells * [Github PayloadsAllTheThings](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://www.blakejarvis.com/oscp/oscp-external-resources.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.