My Journey to being an OSCP

What is the OSCP?


PWK Lab and OSCP Exam Experience

  • Buffer Overflow — the material and lab machines are sufficient for this. You do not need to work on other machines that are related to the OSCP buffer overflow, but they are still good practice. Its a simple 32-bit Windows Buffer Overflow.
  • Lateral Movement and Tunneling — albeit not included in the exam, it is important to be able to practice this in a structured lab environment, as this happens often during penetration tests. Though, I had good practice of this topic from HTB, Offshore, and CRTP already.
  • Active Directory — there are certain machines that simulates an Active Directory environment. If you have not passed the CRTP(Certified Red Team Professional) or completed HTB’s Offshore Pro lab(which I both did prior to HTB), this is mandatory. But if you’ve done CRTP(even without HTB Offshore), this is not needed, as the material for that covers what’s in the PWK, almost.
  • Client-side attacks — there are certain machines that are vulnerable to this. Work on them as they are important for further Offensive Security courses(WEB-300, PEN-300).
  • Make sure your methodology is solid. Check on all ports. Check them manually too using netcat or telnet.
  • Know when to stop poking on a service or a port.
  • Learn how to take good notes. Take note of the commands and exploits that worked, so you can just copy paste them if ever you need to work on it again.
  • The exam is not a CTF, meaning you do not have to find something very obscure. Enumeration is really important.
  • Do not over complicate things.
  • Learn to take good screenshots, which is not only important in the exam report, but also is very important when you do actual penetration test work.
  • If you are on Reddit, join and other infosec related subreddits.


  • Buffer Overflow — If you understood the materials already, allot time to practice the flow using Tiberius’ TryHackMe room:
  • SANS Cheatsheets
  • Watch Ippsec’s OSCP prep playlist:
  • Read 0xdf’s blog posts and compare how you solved the machine, same with how Ippsec solved it
  • Read blogs and spend time really solving machines.
  • OSCP is a hands-on exam, your conceptual knowledge may be helpful, but it won’t be enough for the exam. For example, rather than knowing how a LFI(local file inclusion) works, you should be confident in finding which files to look for if you have LFI and what information you can get from those files to aid you in exploitation later on.




Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store



Penetration Tester | Aspiring Red Team Operator 🇵🇭