Introduction

In December 2022, I purchased the Learn One subscription for OSCP. I began studying the content at January 2023 since at the time I was focusing on obtaining other certificates such as:

• AZ-900
• SC-900
• MS-900

Once I successfully obtained those certificates I shifted my focus solely on OSCP. In the beginning it was difficult to go through the OSCP content since Offensive Security Student Mentors are only allowed to give hints about exercises. This forced me to digg deeper into things which I did not understand and after doing this for a while I got used to Thinking Out Of The Box or as Offensive Security says Try Harder.

Restart

When I was about 35% finished with the OSCP course materials, Offensive Security released a new version of OSCP. In the new version the content and the lab machines were significantly improved. The Buffer Overflow section was completely removed on the new PEN-200, when I had spent 50-hours learning it.

Try Harder

I started studying OSCP (2023) at April 2023 when it was released to everyone. I studied for every single day for 4-hours and on saturdays and sundays I spent more than 12-hours studying and after doing this for 3 months I had completely completed all the course content. The lab machines took me a month to finish and I pwned 57/57 lab machines.

Preperation

Once I completed all the course materials and lab machines, I decided to focus on Providing Play Grounds to improve my penetration testing skills. Here's a list of Providing Play Ground machines that I would highly recommend trying out:

• DRV4
• Slort
• Shenzi
• Heist
• EvilBox One
• MoneyBox
• Sar

After finishing 100 Providing Play Grounds machines I decided to focus on Hack The Box machines. Here's a overview of the machines I would recommend doing for OSCP.

• MonitorsTwo
• Busqueda
• PC
• Sunday
• Irked
• Lame
• Shocker
• Beep
• Blue
• Sense
• Networked
• Pilgrimage
• Sau
• Legacy
• Optium
• Bastard
• Sniper

After I successfully compromised all these machines, I decided to book my exam and from there I solely focused on improving my notes for the exam.

Exam

When I was going to take the exam I was about 15-minutes late since I thought the MD5 hash would be sent to me on email 30-minutes before the exam starts. However, that wasn't the case since the MD5 Hash was included in the booking confirmation email. The exam was difficult in the beginning but it became easier once I started Thinking Out Of Box. Here's a overview of the time I spent on all the machines:

• Active Directory Set (3 Machines): 4 Hours
• Standalone Windows Machine (1 Machine): 5 Hours
• Linux machines Standalone (2 Machines): 4 Hours

I managed to compromise all the machines within 13 hours so I spent the last 3 hours ensuring that I had all the necessary screenshots for the report and after confirming that I had all the screenshots I decided to end the exam and go to bed. The next day I spent 16 hours writing the report to ensure everthing in the report was perfect and after submitting it I decided to go to bed. When I woke up the next day I saw on the Offensive-Security Portal that I had successfully passed Offensive Security Professional Certification! You can view the certification from following link:

• Security Certified Professional Certification

I became extremely happy after passing OSCP since I spent the last 7 months studying for the certfiication. However, I know this is just the beginning of my long journey!