Post

Passing OSCP: A Strategic Certification or Just a Popular Badge?

Posted
Offsec Says You Must Try Harder.
Offsec Says You Must Try Harder.
By yuznumara
4 min read
Passing OSCP: A Strategic Certification or Just a Popular Badge?

In this article, I will try to explain why and how I took the OSCP, share my experiences, and provide some key insights. You will find the courage you need to pass here, as well as how to manage the 3-month process. You’ll also reflect on why you should or shouldn’t pursue this certification. Overall, I recommend evaluating exam day tips before taking the test. Let this be the last “how I passed OSCP” article you read.

My Background

I studied Electronics Engineering in college, and at the same time, I worked as a software developer. In my last year of college, i started working as a penetration tester in a corporate company, and now I’ve been working mostly in application-based and local network security for 1,5 years.

I knew almost nothing about Active Directory, But I knew how to learn, and I knew that’s what really matters.

If you have a basic level of knowledge in cybersecurity, know how to learn, and believe you can stay focused for 90 days, the exam will be easy for you.

Motivation

Honestly, getting a certificate has never been important to me. Some people are really keen on collecting them, but I’ve never been like that. The reason I got this one is because most companies and their clients know its name. Maybe it will help me get a raise or open up new opportunities. But on the other hand, this exam is just a summary of what I already know, packaged with a badge.

Preparation

I have completed almost all of Tj Null’s list. Honestly, I think most HackTheBox machines are a waste of time. Instead, it makes more sense to get Proving Grounds and work on those machines.

If possible, don’t clutter your mind with different things. Just try to understand OffSec’s mindset by using only the materials OSCP provides, anticipate the questions they will ask, and memorize the exam format. For this, the Proving Grounds Practice labs will be quite sufficient.

Actually, it’s not about how many machines you’ve solved, how well you know Active Directory, how fast you are, or how many “how I passed OSCP” articles you’ve read. It’s about understanding the OSCP exam format. It’s about knowing how to study and what to focus on. Don’t try to learn everything; focus on identifying what you need to learn.

Exam Day Tips

  • If possible, start the exam early in the morning.
  • If you’re used to it, I can’t say much, but in my opinion, don’t eat early in the morning. Eating will use up your energy for digestion, and it might make it harder to focus. My suggestion is to start intermittent fasting two weeks before the exam and fast during the exam as well. With a slightly empty stomach, you won’t need to take time out to eat, and since you’re not overeating, your brain will function better. Fasting triggers our hunting instincts and makes us more proactive.
  • Definitely take breaks. Even if it’s not necessary, make sure to take a 5–10 minute break every hour. During these breaks, focus on your breathing and remind yourself that you’re confident. After all, this exam is mostly about time and stress management. If you’ve completed the course and solved the labs but still fail the exam, it could be because you couldn’t manage your stress.
  • Don’t underestimate the 10 points, and make sure to earn the bonus points. After meeting the necessary conditions, send an email to the OffSec team to confirm whether you’ve earned the bonus points and ensure you get the 10 points.
  • While quickly solving the Proving Grounds labs, use a specific cheat sheet you’ve prepared for OSCP. This way, your hands and eyes will become accustomed, and by turning the knowledge into reflexes, you’ll maintain momentum and stay focused during the exam.
  • When you find yourself overthinking, coming up with extreme ideas, or trying to chain vulnerabilities to create complex scenarios, stop and rest. The exam is much simpler than that.

Final Thoughts

Is OSCP the most logical certification among its competitors? I can answer that depending on what you want. If you’re pursuing this certification because it’s well-known, to showcase it on your CV, to stand out in job applications, or to catch a client’s attention, then you’re definitely on the right track. Yes, the areas it covers are valuable, and I can’t say it doesn’t teach anything. However, if your only goal is to learn, I’d suggest spending your money on more important things. Maybe a nice dinner with your wife, a family breakfast, or a good drill set. In my opinion, it’s always more logical to act according to your purpose, and instead of getting this certification just because everyone else is, it’s better to view it as a tool on the path to your goal.

Thanks

Thanks for reading this article. If you have any questions about this article or about anything, you can ask me from Linkedin. I’d be very happy to help.

Blogging, OSCP
pentesting
This post is licensed under CC BY 4.0 by the author.

Trending Tags

pentesting htb oscp software