Best Active Directory Practice for OSCP

Offensive Security recently released an update to the format of their exam. The changes were designed to bring the exam more inline with the PEN-200 course content, which the OSCP exam is based on. The content covers Active Directory, but it was well known that Active Directory did not make up part of the exam, so many students either ignored learning about entirely, or didn’t put in too much effort.

That has now changed. With a new dedicated Active Directory set in the exam, being able to practice these skills is even more important. The below article covers the best boxes to practice on across all of the major CTF environment.


If you are a complete beginner at attacking Active Directory, might be good to start with the basics.

  • Active Directory Basics (Walkthrough)
  • Attacking Kerberos (Walkthrough)
  • Attacktive Directory (Box)
  • Holo (Box)

Proving Grounds Practice

If you are a paid subscriber to the official Offensive Security CTF environment, you can target the following machines,.

  • Heist
  • Hutch
  • Vault

The above was even confirmed on the Offensive Security discord


Tried and tested, HackTheBox is a great environment to practice for the OSCP and it’s Active Directory set. The following boxes apply

  • Sauna
  • Active
  • Forest

We will add more as we come across them! Otherwise, please let us know


Mark like CTF's, his home lab and walks on the beach. He holds SANS certifications in Forensics and Information Security. Currently working in the cybersecurity field.
Back to top button