Skip to main content

OSCP Learning Points

ยท 2 min read

OSCP Certificate I wanted to learn the basics of penetration testing for some time, and had my eye on OSCP. But I started off with a TryHackMe subcription and cleared the Junior Penetration Tester path 1st. Now I feel that maybe it would've been better to jump stright to OSCP instead.

I started my exam at 2pm that Sunday, and managed to clear the 2 independent machines with relative ease. I took a break for dinner and continued working on the remaining independent machine and the AD set. About 2 hours passed and I did not make much progress for both. Frustrated, I took a step back to review the uncovered information and tools at my disposal. I decided to try a different tool and managed to gain an initial foothold in the last independent machine. Not long after, I managed to get root, thereby granting me the remaining 20 points I needed to pass (plus the 10 bonus points). It was about 12am. I spent a few hours organizing information and ensuring I had the screenshots for the report before deciding to attempt the AD set. However, I did not manage to complete it before the time ran out.

I started my subscription in Aug 2023 and took my exam on July 2024, a really slow pace but I passed on my 1st try nonetheless. Looking back, while taking the course I could've done a few things better:

  • Clear all the capstone exercises
  • Write notes for modules exercises
  • Make use of OffSec discord server earlier
  • If possible, have a study buddy

I felt that the course provided me with the basic knowledge on pentesting various systems, but I felt that it only scratched the surface. I constantly struggled to juggle various commitments while studying for OSCP, and had many moments of self doubt and uncertainty. But I'm glad I trusted the process and tried my hardest. I still have much to learn, and I look forward to my next certification.