For OSCP I would adopt the following order:
6: Look for the parts you don;t know or can save you time/automation/scripting or parsing
2: but only sections on payload creation, shellcode, meterpreter
4: read assembly ouput near fluent
5: focus on stack overflows both in Linux and Windows. Learn the specific tools on both OS'es
Save 3, 1 and 7 for after OSCP as I think it might go to deep and you will not be able to master this in depth in time for the exam.
I am actually doing something similar but before I sign up as to save my lab time. Good luck!
@ Cyberspirit: this is how I tend to study. I try to be able to do most attacks without using any tools. Purely by scripting, abusing the shell and making use of available cmd's/tools native to the OS or API's. If this gets me stuck I use an automated tool and see if it can complete the attack. If it does I tear apart their logic until I can do it by hand myself. This cost a tremendous amount of time but allows me to perform even when tools are blocked.
Last edited by sh4d0wmanPP
on Fri Aug 24, 2012 3:10 am, edited 1 time in total.
EXIN ISO/IEC 27002: ISF & ISMAS, ITIL Foundation, Comptia Security+, CCNA, CCNA Security, Wip: OSWP