Introduction
A curated list of community resources to complement OffSec’s official PEN-200 material.
Practice Box Lists
Community-maintained spreadsheets of machines that closely mirror the style and difficulty of OSCP exam boxes. Work through as many of these as you can before your exam until you feel comfortable solving them with minimal-to-no hints.
When working through these lists, prioritize PG boxes first. Use HTB machines to fill in gaps or for additional Active Directory practice.
TJNull's PWK List
The original community go-to list, curated by TJNull. Contains HTB, PG Practice, and VulnHub machines mapped to the PEN-200 course modules.
Lain's OSCP-Like List
Lainkusanagi’s actively maintained list of OSCP-like machines. Broader and more frequently updated than TJNull’s list, with difficulty ratings and OS tags.
Community Walkthroughs
Mostly for HTB boxes. PG walkthroughs are usually restricted to OffSec PG subscribers only.
0xdf Hacks Stuff
Detailed written writeups for HTB machines and select PG boxes. One of the most thorough and well-structured walkthrough blogs in the community.
IppSec.rocks
Keyword search across IppSec’s HTB video walkthroughs. Great for finding demonstrations of a specific technique or tool in context.
Methodologies
NTH Security’s OSCP Standalone Methodology
One of the best videos on building a structured approach to standalone boxes. A great complementary watch alongside the OSCP Methodology.Cheatsheets
Useful references for techniques and commands during both preparation and the exam itself. There are an abundance of “OSCP Cheatsheets” out there (technically including mine LOL), so I won’t be explicitly referencing them here.
The Hacker's Recipe
While not OSCP-focused, the best cheatsheet in terms of structure and depth. Also includes a companion tools reference.
HackTricks
The OG hacking cheatsheet. Do be aware that it contains a lot of content outside OSCP scope. Be careful not to fall into rabbit holes.