The Secret to Passing OSCP: My Journey and Tips
Discover the secrets to passing the OSCP exam through real experience. Read my journey, practical tips, study strategies, and lessons learned to help you prepare effectively and succeed in OSCP.
The Offensive Security Certified Professional (OSCP) certification is known as one of the toughest certifications in cybersecurity. Some people struggle to pass it even after multiple attempts, and many are too intimidated to even start. But then there are the few who face the challenge head-on and emerge victorious.
The question is, how do they do it?
In this blog, I’ll share my journey, struggles, and strategies that helped me pass the OSCP and achieve what once felt impossible.
My Motivation for Pursuing OSCP
For most people, OSCP is a stepping stone to getting hired as a penetration tester. But for me, it was more than that — it was a personal goal. I wanted to see my name followed by “OSCP” and prove to myself that I could do it.
I began my cybersecurity journey with the Junior Penetration Tester path on TryHackMe back in 2022. From there, I moved on to HackTheBox, solving their labs, but something always felt off. I would get stuck and frustrated, wondering how others seemed to crack challenges effortlessly while I struggled.
That’s when I decided to push myself further and enrolled in the Certified Penetration Testing Specialist (CPTS) course by HackTheBox. It was incredibly difficult, but after seven long months of hard work, I passed.
Unfortunately, CPTS didn’t open the career doors I had hoped for. That’s when I decided to go after something I had once thought was out of my league — the OSCP.
Facing the OSCP Challenge
I purchased the Learn One plan. I started by reading through the course material, and because I already had a decent foundation, I completed the text-based course in about a month.
Next came the labs, where the real preparation began. I practiced intensely for 1.5 months, sharpening my skills and pushing myself beyond my limits. Finally, I felt ready to take the exam.
Key Preparation Tips for OSCP Success
1. Take Notes Religiously
Always document every command, technique, and observation during your practice. Keeping detailed notes will save you time and stress during the exam.
- I personally used Notion, but there are other great tools like OneNote and Obsidian.
- Choose a tool that suits your workflow — what matters most is staying organized.
2. Build a Methodology
A solid methodology is your roadmap during the exam. Without one, it’s easy to get lost and waste time.
- Start developing a structured approach early in your preparation and refine it as you progress.
- Your methodology should cover enumeration, exploitation, privilege escalation, and documentation.
3. Master Time Management
Time management is critical in the OSCP exam. Practice solving machines within a set time frame to build confidence and speed:
- For stand-alone machines, set a 2-hour timer.
- For Active Directory (AD) lab sets, aim for a 4-hour timer (applies to OSCP A, B, and C).
- Avoid over-relying on walkthroughs — challenge yourself to solve labs independently first, even if it means struggling.
4. Learn from Writeups (the Right Way)
If you’re stuck and have exhausted all your options, it’s okay to refer to writeups. However, don’t just copy solutions.
- Take the time to understand the new technique or approach you learned.
- Add it to your notes so you can incorporate it into your methodology.
My First Attempt
I made my first attempt with confidence but failed. The failure hit me hard. That night, I couldn’t even get out of bed. After coming so far, failing felt devastating.
But then I realized I had two choices: give up or keep moving forward. I had already invested so much effort, and giving up wasn’t an option.
Let’s take a pause and see where I messed up.
I managed to solve half of the Active Directory (AD) set and one stand-alone machine in just three hours. Impressive, right? I even had 10 bonus points. At that moment, I thought I had passed.
Little did I know, I was about to mess everything up.
After solving half of the AD set, I got stuck. I spent hours trying everything I could think of but couldn’t get past the last checkpoint. The mistake I made was repeating the same techniques over and over for eight straight hours without taking a break. My brain was completely fried.
Exhausted and frustrated, I gave up early and went to sleep.
A few days later, I pulled myself together and tried again. This time, I knew what to expect from the exam. I realized that it wasn’t the technical difficulty of the exam that got me — it was the stress and the lack of time management.
The Way to Conquer Any Offensive Security Exam
Let me start with this: keep it simple.
The exam isn’t hard — yes, I know that sounds crazy, but it’s true. Trust me, the techniques taught in the course are more than enough to get you through. You don’t need fancy attacks or complicated tricks. Stick to the basics, and you’ll be fine.
Why Do People Say the Exam Is Hard?
Here’s the thing: the difficulty isn’t in the technical challenges but in the stress and time management.
Think about it — what if Offensive Security gave you 10 days to pass the exam, like HackTheBox does for CPTS? Would you feel the same level of stress? Probably not. The key difference between CPTS and OSCP is the intense time pressure and the mental strain it creates.
How to master these skills?
- Take breaks every two hours. Even if you don’t feel like you need a break, just take it. It’ll trick your brain into staying in a calm state. Also, take a break every time you fetch a flag.
- Stay calm if something doesn’t work, and don’t try fancy tricks. Instead, take a break, and when you come back, enumerate again with a calm and relaxed mind. You likely overlooked or missed something, and that’s where your methodology comes into play. Read through your methodology to see if you forgot to enumerate anything, and stay confident. As soon as you start stressing, your brain will stop thinking clearly, and you’ll end up trying everything in desperation and exhausting yourself.
Other Key Tips
- If something isn’t working as intended, don’t hesitate to reset the machine. I’ve seen people complain about issues that were resolved with a simple reset. While I didn’t face this problem, it’s worth keeping in mind.
- As you progress through the exam, take detailed notes of your process. Before you finish, recheck your screenshots to ensure they’re complete and clearly show the required evidence.
- When writing your report, ensure it’s easy to follow for anyone reading it. Properly paste the flag screenshots as per Offensive Security’s guidelines, and maintain a professional and structured format.
Turning Failure into Success
I took time to analyze my weaknesses. I identified where I went wrong and focused on strengthening those areas. I also worked on improving my time and stress management, which were critical during the 24-hour exam.
Even though I never felt “ready,” I took my second attempt after another month of preparation. This time, I passed!
The feeling of seeing “Congratulations!” on the screen was indescribable. It wasn’t just about earning a certification — it was about proving to myself that I could overcome this seemingly impossible challenge.
Passing an Offensive Security exam is as much about mental strength as it is about technical skills. Stay calm, stick to the basics, and trust your preparation. With the right mindset, success is inevitable.
Bonus
Tools of the Trade
- I used Penelope to pop shells and manage them effectively. However, I strictly avoided using it for any form of automatic exploitation.
- For tunneling and port forwarding, Ligolo-ng was my go-to tool. Its simplicity and efficiency made it indispensable during my preparation.
- CrackMapExec / NetExec: Essential for enumeration and exploitation in Active Directory environments.
- RunasCs: A powerful utility for privilege escalation and credential management.
- AutoRecon: Great for automating initial enumeration tasks and saving time during reconnaissance.
OSCP-Like Machines I Practiced On
- VulnLab Machines: I practiced extensively on VulnLab machines before my second attempt.
- HackTheBox and TjNull’s List: My prior experience with HackTheBox gave me an edge. I also followed TjNull’s list, which is a curated collection of OSCP-like machines.
- Offensive Security Playground: I solved around 30 lab machines from the Offensive Security playground, which helped solidify my skills and understand the OSCP environment better.

