Preparing for your OSCP certification exam

Everybody’s journey on the Offensive Security Certified Professional (OSCP) certification is different. A number of factors are at play, such as your previous experience and your learning style.

Prepare your environment

You will need a virtual machine with Kali Linux installed. You can use the VMware Workstation Player with the Kali VM for OSCP Lab.

Read the course material

Purchase the PEN-200 course and join Offensive Security’s Discord server and the forums.

Read the course material or watch the videos. Take notes.

Know what to expect on your exam day. Familiarize yourself with the exam restrictions by reading the OSCP Exam Guide and take a look at the Exam Proctoring FAQ.

Practice

Do the course exercises

Some topics like Active Directory require more time and effort. Also make sure to master basic operations like file transfer.

Hack the OSCP Lab

Go for low-hanging fruit first. There are dependencies between machines. For this reason, you should always do the post-exploitation steps on every machine. Try cracking shadow files, dumping credentials from memory with Mimikatz, and looking for files that could be useful later. Keep note of all credentials found in a way that is easy to use later in a brute-force attack on other machines.

Think of other ways that a machine could be hacked. There might be other paths that you could learn from.

Go further

Do not limit yourself to the OSCP lab. Practice on other platforms like Hack the Box (HTB) for Active Directory machines. See this post.

Read public walkthrough guides of machines from other platforms like HTB. You can learn from the methodology others use.

Take notes

Make a template for taking notes about each machine, and steps that you will be able to follow during the exam. Practice documenting machines like you would do during the exam and take screenshots of proof files that comply with the OSCP Exam Guide. Create a template for your report and try documenting one machine. See what information and screenshots you will need.

Time management

Time management is a big part of the OSCP exam. Use tools like a pomodoro tracker to keep you on track and manage breaks efficiently. Dedicate a timeslot in your calendar for studying and schedule your exam.

Reassess

Take a step back and find your weaknesses. Take a look at the course syllabus and see what topics you still need to work on. It might be privilege escalation on Linux, pivoting, etc.

The Try Harder mindset

The Try Harder motto can be frustrating at first. Some people say it in a very arrogant way when newcomers ask questions.

Once you see Try Harder as a way of pushing your limits, not getting discouraged, and reflecting on what you did or did not do when stuck on a machine, your methodology will improve and you will be glad that you tried harder. You will need this mindset during your exam. Listen to the “Call Offensive Security” song!