Offensive Security recently released an update to the format of their exam. The changes were designed to bring the exam more inline with the PEN-200 course content, which the OSCP exam is based on. The content covers Active Directory, but it was well known that Active Directory did not make up part of the exam, so many students either ignored learning about entirely, or didn’t put in too much effort.
That has now changed. With a new dedicated Active Directory set in the exam, being able to practice these skills is even more important. The below article covers the best boxes to practice on across all of the major CTF environment.
TryHackMe
If you are a complete beginner at attacking Active Directory, might be good to start with the basics.
- Active Directory Basics (Walkthrough)
- Attacking Kerberos (Walkthrough)
- Attacktive Directory (Box)
- Holo (Box)
Proving Grounds Practice
If you are a paid subscriber to the official Offensive Security CTF environment, you can target the following machines,.
- Heist
- Hutch
- Vault
The above was even confirmed on the Offensive Security discord
HackTheBox
Tried and tested, HackTheBox is a great environment to practice for the OSCP and it’s Active Directory set. The following boxes apply
- Sauna
- Active
- Forest
We will add more as we come across them! Otherwise, please let us know
