Machines

• Perform all possible offensive attack stages.

• Map activity with MITRE

• Understand how and why vulnerability works

• Understand how vulnerability can be fixed on the compromised host

• Understand how vulnerability can be triggered by IDS/IPS/XIDS/NIDS

• Understand how to cover and clean-up all traces left

• Use Metasploit but:

  • Try to understand and perform same activity fully manually

  • Find/write your own scripts of automation, since Metasploit is not allowed on OSCP