Beyond the Scan: Mastering the One-Page OSCP Workflow If your Obsidian notes feel “full” but still don’t tell you what to do next, the problem isn’t Nmap—it’s shape. Raw scan data is honest, but it’s not readable when you’re tired. When you can’t retrieve that SMB host from two days ago, you don’t just lose … Read more
Ten points. One target. Zero “I swear it worked last night.” If you’ve ever “owned” a lab box and then couldn’t recreate the path the next day without improvising, your problem isn’t intelligence—it’s a workflow that doesn’t survive fatigue. In OSCP/OSCP+ practice, that gap quietly burns time, confidence, and (when it matters) scorable proof. Keep … Read more
Mastering the OSCP+ Pivot: Precision Over Guesswork The fastest way to lose half a day in an OSCP+ lab isn’t failing an exploit—it’s building a pivot that “works” for a browser and quietly breaks everything else. That pain has a shape: mixed traffic (HTTP + SMB/AD + RDP/WinRM), proxy-ignorant tools, and DNS behaving like a … Read more
Obsidian OSCP Enumeration Template Most OSCP notes don’t fail because you “forgot a command.” They fail because, the next day, you can’t recreate what you proved—and your confidence turns into rework. This template is built for that exact moment: you’re tired, timeboxed, and one missing breadcrumb quietly costs you an hour. Keep guessing, and you … Read more
Troubleshooting Kioptrix: No IP Address in VirtualBox (Host-Only) If you’ve burned 20–45 minutes watching a Kioptrix VM boot perfectly—then sit there with no lease, no target, no IP—you already know the worst part: VirtualBox makes a broken Host-Only setup look “fine.” This guide fixes Kioptrix no IP address in VirtualBox (Host-Only) the reliable way: one … Read more
Beyond the Banner: A Disciplined Approach to Kioptrix Level 1 The fastest way to fail a “simple” box is to treat a Samba banner like a contract—and a random PoC like a magic spell. Kioptrix Level 1 Without Metasploit is where that illusion dies: the version looks old, the exploit link looks tempting, and then … Read more
The OSCP Rabbit Hole Rule The rule is simple and brutal: time is a vulnerability, and it will be exploited—by indecision. One “quick scan” becomes a museum of terminal output, and somehow you’re farther from a foothold than when you started. Definition: A 20-minute enumeration timebox that forces a decision at the buzzer. Run a … Read more
Mastering the OSCP Proof: No Theatrics, Just Receipts Nothing ages faster than a “perfect” flag screenshot you can’t defend the next morning—because the IP isn’t visible, the tab was wrong, or the interface doesn’t match your report. An OSCP proof screenshot is a single, audit-friendly image that shows the target IP address and the full … Read more
The Kioptrix TTY Upgrade Checklist “Ctrl+C prints ^C like a little protest sign—and the process just keeps running. That’s the moment Kioptrix stops feeling like a win and starts feeling like you’re operating with oven mitts on.” If your arrows spit ^[[A, editors redraw like a haunted CRT, and copy/paste turns into static, you’re not … Read more
The Invisible Debt: Triage and Hardening for Shell History Leaks A credential leak doesn’t always arrive with fireworks. Sometimes it’s a tired one-liner—run once at 2:11 a.m.—that keeps paying interest in the worst possible way. Bash/Zsh history leaks are accidental exposures of secrets—passwords, API keys, tokens, or SSH material—that get saved in shell history files … Read more
