OSCP+ Exam
Ever since I got my CPTS certification, I have been aiming to get the OSCP. I was lucky enough to get a discount for black friday last year and purchased the course + one exam attempt. I had two months of Pen-200 course access and that was it. I also practiced with proving grounds boxes, I did not have a lot of time on my hands since I was working almost a full time job while also doing a my master’s. Unfortunately I failed my first attempt with 30 points, but I was able to pass with full points on my second attempt. I will try to provide tips on how I passed and what I would recommend for people studying for it.
The Pen-200 Course
The course ia pretty bad in my opinion, if you want to learn, you are better off getting a student subscription for 8 euros a month on Hack The Box and doing the CPTS path. The path covers almost all, if not all of the pen-200 course for a fraction of the cost, not to mention, it is way cheaper.
The only value I got out of that course was doing the OSCP A,B and C mock exams and maybe a gist of how offsec labs and boxes worked, but I think doing a couple of proving ground labs already does that.
OSCP A, B and C
I think these are a pretty realistic set of mock exams, I think you can get full points on all of them within 16 hours, you are doing well and you can most likely pass the exam.
My Study Plan
I only had about 3 hours per day to study for the exam so the first month I was doing the course, I gave up on it because, after doing the CPTS, it felt really lackluster and it just could not compare. I then purchased the proving grounds monthly subscription and would do about 2-3 labs per day, some days I would do more and other I would’nt do any. Before my first attempt I had done about 50 proving grounds labs.
First attempt
I was a nervous going into my first attempt, but once it started it did not really bother me. I went ahead and started with the AD set, and immediately hit a brick wall. I was panicking because AD is my favorite topic, and I am really confident in it. I spent about 30 minutes on it without getting anything and decided to do the standalones. I was able to get 30 points in around 2 or 3 hours before deciding to go back to the AD set. I knew that I had to at least get a flag in the AD set, otherwise I would not have enough points to pass. Sadly, I never got unstuck and time ran out before I could get past the first flag.
Second attempt
A month passed and nothing really changed, yes I did some HTB machine to practice, since I had already gone over most of the proving ground boxes, but I think that did not change my methodology too much. The exam started and, again went straight for the AD set. Luckily, I was able to get all 40 points in 40 minutes! Things were looking good this time around. I took a break before tackling the standalones. I was scared that I would get hard ones since the AD set I got felt really easy, but that wasn’t the case. I achieved a passing score in the next three hours. I had 80 points and 20 hours left, so I spent the rest of my time doing the report, and once that was done I went and did the last standalone that I was missing. I got 100 points and had the full report done with about 3 hours to spare.