OSCP (Offensive Security Certified Professional) Exam Survival Guide

Window: Global | Practical pen-testing exam | 24 hrs

Must-do topics

• Enumeration: Nmap, Netcat, SMB, SNMP, LDAP, HTTP methods
• Exploitation: buffer overflow basics, privilege escalation, reverse shells
• Post-exploitation: pivoting, persistence, loot creds, cleanup
• Reporting: detailed steps, screenshots, commands used

Top traps (avoid)

• Jumping into exploit without full enumeration
• Ignoring low-hanging fruit (default creds, misconfigs)
• Forgetting local privilege escalation after shell
• Weak documentation — points lost without proof

Time split

• 24 hrs: ~20 hrs lab + 4 hrs report writing
• Strategy: 2 easy boxes → 1 medium → 1 hard; leave time for report

Last-48h checklist

• Practice 1 buffer overflow end-to-end
• Revise privilege escalation scripts (Linux + Windows)
• Build report template; include commands & outputs
• Cheat sheet of enumeration commands

Quick facts

• Windows priv esc: service misconfig, unquoted paths, UAC bypass
• Linux priv esc: SUID, cron jobs, kernel exploits, misconfigured sudo
• Reverse shell basics: bash, nc, powershell

Speed tactics

• ENUM → ENUM → ENUM (don’t skip)
• Keep notes clean; one-liner commands in report
• If stuck: re-scan, try alternate ports, escalate laterally

Day-of mini-plan

• 1 hr warm-up: enumeration drill
• Write report in parallel → don’t leave all for end
• Keep calm — OSCP rewards persistence + documentation