OSCP — Penetration Testing with Kali Linux (PEN-200)

Section 01

01. At a Glance

About the course

OSCP is the gold standard for hands-on penetration testing — a 24-hour live exam against a real network plus a professional report. Macksofy adds 60+ hours of instructor-led bootcamp on top of OffSec's official PEN-200 curriculum, with mentor support that continues until you pass.

Section 02

02. Who Is This Course For

• Working pen-testers ready to level up to elite credentials
• Bug bounty hunters who want methodology rigor
• Security engineers moving into red-team or AppSec roles
• CEH holders ready for the next challenge

Prerequisites

• Strong networking + Linux fundamentals
• Comfort with Bash and basic Python scripting
• CEH or 6+ months of hands-on pen-test practice strongly recommended

Section 03

03. What You Will Be Able To Do

• Compromise standalone Windows, Linux and Active Directory machines under exam pressure
• Develop and modify public exploits, write Bash/Python tooling on the fly
• Pivot through segmented networks and execute lateral movement
• Write a 24-hour professional pen-test report that meets OffSec's standards
• Earn OSCP — the credential that opens senior pen-test doors in BFSI, Big Tech and consulting

Section 04

04. Curriculum — 25 Modules

Module structure and topic coverage authored by Macksofy Technologies based on the publicly-published vendor syllabus, current as of the issue date of this brochure. Vendor reserves the right to revise content; Macksofy keeps cohort material aligned to the latest release.

1. Module 01

   Module 01 · Report Writing for Penetration Testers

   3 topics
   • OffSec report standards
   • Note-taking discipline
   • Markdown / Pandoc workflow
2. Module 02

   Module 02 · Information Gathering

   3 topics
   • Passive recon — DNS, WHOIS, certificate transparency
   • Active recon — DNS brute, SMB / SMTP enumeration
   • Service banner grabbing
3. Module 03

   Module 03 · Vulnerability Scanning

   3 topics
   • Nessus essentials
   • Nmap scripting engine for vuln checks
   • Manual triage of scanner output
4. Module 04

   Module 04 · Introduction to Web Applications

   3 topics
   • HTTP request / response
   • Burp Suite proxy & repeater
   • Common architectures
5. Module 05

   Module 05 · Common Web Application Attacks

   4 topics
   • Directory traversal
   • File inclusion (LFI / RFI)
   • File-upload bypass
   • Command injection
6. Module 06

   Module 06 · SQL Injection Attacks

   4 topics
   • Manual in-band SQLi
   • Blind & time-based SQLi
   • sqlmap automation
   • DB-specific syntax (MySQL, MSSQL, Postgres)
7. Module 07

   Module 07 · Client-Side Attacks

   3 topics
   • Macro-enabled documents
   • Microsoft Office attack vectors
   • Browser-side payloads
8. Module 08

   Module 08 · Locating Public Exploits

   3 topics
   • ExploitDB workflow
   • GitHub research patterns
   • Identifying applicable CVEs
9. Module 09

   Module 09 · Fixing Exploits

   3 topics
   • Modifying public PoCs to fit target
   • Recompiling binaries
   • Cross-compiling Windows from Linux
10. Module 10

    Module 10 · Antivirus Evasion

    3 topics
    • Static signature avoidance
    • Encoders & packers
    • Custom payloads with msfvenom variants
11. Module 11

    Module 11 · Password Attacks

    4 topics
    • Hashcat & John the Ripper
    • Kerbrute & password spraying
    • SSH / RDP / WinRM brute-forcing
    • Hash dumping (Mimikatz)
12. Module 12

    Module 12 · Windows Privilege Escalation

    4 topics
    • Service / registry / scheduled-task abuse
    • Token impersonation
    • AlwaysInstallElevated, UAC bypass
    • WinPEAS / PrivescCheck workflow
13. Module 13

    Module 13 · Linux Privilege Escalation

    5 topics
    • SUID / SGID exploitation
    • Sudo misconfigurations
    • Cron-job abuse
    • Kernel exploits (carefully)
    • LinPEAS workflow
14. Module 14

    Module 14 · Port Redirection and SSH Tunneling

    3 topics
    • Local & remote SSH tunneling
    • Dynamic SOCKS proxying
    • rinetd, socat
15. Module 15

    Module 15 · Tunneling Through Deep Packet Inspection

    3 topics
    • Chisel HTTP tunneling
    • ligolo-ng pivoting
    • DNS tunneling concepts
16. Module 16

    Module 16 · The Metasploit Framework

    3 topics
    • Module structure & search
    • msfvenom payload generation
    • Meterpreter sessions & post-modules
17. Module 17

    Module 17 · Active Directory Introduction & Enumeration

    3 topics
    • AD objects, OUs, trusts
    • BloodHound + PowerView mapping
    • LDAP queries
18. Module 18

    Module 18 · Attacking AD Authentication

    4 topics
    • AS-REP roasting
    • Kerberoasting
    • Password spraying with confidence
    • NTLM relay / coercion (PetitPotam)
19. Module 19

    Module 19 · Lateral Movement in Active Directory

    3 topics
    • Pass-the-hash / pass-the-ticket
    • WinRM, WMI, PsExec, smbexec, dcomexec
    • DCSync & golden / silver tickets
20. Module 20

    Module 20 · Enumerating AWS Cloud Infrastructure

    3 topics
    • AWS CLI fundamentals
    • IAM enumeration
    • S3 / EC2 / Lambda discovery
21. Module 21

    Module 21 · Attacking AWS Cloud Infrastructure

    4 topics
    • Pacu modules
    • Privilege escalation paths
    • Lambda & metadata-service abuse
    • S3 misconfiguration exploitation
22. Module 22

    Module 22 · Assembling the Pieces (capstone)

    2 topics
    • End-to-end engagement walkthrough
    • Note-taking → exploitation → reporting
23. Module 23

    Macksofy bootcamp · Active Directory deep-dive (12h)

    3 topics
    • RBCD & shadow credentials
    • ADCS abuse (ESC1-ESC8)
    • Custom AD lab walkthroughs
24. Module 24

    Macksofy bootcamp · Exam strategy + 2 mock exams (24h)

    3 topics
    • Exam playbook & time allocation
    • Two full 24-hour mock exams with mentor review
    • Report deliverable rubric
25. Module 25

    OffSec PEN-200 self-study · 90-day PWK lab access

    3 topics
    • Official PDF + video curriculum
    • OffSec Discord community
    • Challenge labs (OSCP A / B / C)

Section 05

05. Tools You Will Operate

Section 06

06. Career Outcomes

Section 07

07. Placement Support

OSCP-certified hires are in heavy demand. Our placement desk works with BFSI giants, Big-4 consulting and product companies who actively seek OSCP holders.

• 1:1 mentorship until you pass — including post-bootcamp lab guidance
• Mock interviews modeled on real BFSI / Big-4 hiring loops
• Direct intros to hiring partners (HSBC, PwC, EY, Mahindra, fintechs)
• Career coaching for Indian + UAE markets

Section 08

08. Why Macksofy

• Vendor-true delivery — Macksofy is a hands-on cybersecurity training provider delivering practitioner-led bootcamps with exam-prep support.
• Practitioner-led delivery — every Macksofy instructor is a working OSCP / OSWE / OSEP / CISA-certified consultant on real client engagements during the week.
• Mentor support until you pass — extended access to mentor office hours and exam-day prep at no additional cost.
• Placement desk — Macksofy works with 80+ hiring partners across India and the UAE; your post-course resume, portfolio review and mock interviews are included.
• Indian classroom + online cohorts — onsite delivery in Mumbai BKC and Hyderabad HITEC City; live virtual cohorts pan-India with recordings.

Section 09

09. How to Enrol

1. Submit the enquiry form at macksofy.com/contact or call +91 99308 24239.
2. A Macksofy advisor will respond within 4 business hours with the next batch dates, payment terms and invoice.
3. Confirm enrolment via NEFT / RTGS / corporate card. EMI options available for select courses.
4. Receive welcome kit, lab credentials and the cohort calendar within 24 hours of confirmation.