OSCP Review - My Journey 2025
This is my first post on my blog: OSCP Review - My Journey 2025. In this post, I’m going to share my thoughts and experiences with both the course and the exam.

Background experience
My experience with hacking began in 2021 during my cybersecurity studies. The first platform where I was learning cybersecurity concepts, mainly in a CTF style, was CTFLearn. During my studies, I also explored sites like OverTheWire, and more CTFs on picoCTF. In early 2022, I started watching John Hammond’s videos, doing rooms on TryHackMe, and trying to copy the steps on my own. From then on, I started getting excited about hacking and doing more rooms on TryHackMe. Soon after, I began watching IppSec’s videos and solving HackTheBox machines, but the platform was on a different level compared to THM.
A key moment in my life was getting my first job in cybersecurity, and more specifically in pentesting. It happened in mid-2022, with about one year of experience doing boxes on both THM and HTB. By doing web application and Active Directory penetration tests, I gained some of the experience required to pass the OSCP.
From 2023 to 2025, I finished my master’s degree in cybersecurity and gained lots of experience working in pentesting. I completed 68 boxes on HackTheBox and around 140 rooms on TryHackMe. In 2024, I passed CRTP - my first cybersecurity certification - which gave me a feel for a time-limited exam with report writing. The main difference was that CRTP was not proctored and therefore significantly less stressful. During that time, I also completed several modules on HackTheBox Academy. The most valuable, in my opinion, were the Pivoting module, the AD Enumeration & Attacks module, and the Attacking Enterprise Networks module, which turned out to be a “mini” OSCP course. On April 24, 2025, I bought the OSCP and started digging into the course.
Course materials
As I had previous experience in cybersecurity, I will review the materials from two different perspectives: that of a beginner interested in the cybersecurity world and looking for a first job, and that of an enthusiast who wants to delve into the details, learn some tricks, and quickly pass the exam.
The course is meant for beginners with almost zero experience. From that perspective, the overall quality of the materials is very high. The amount of content is sufficient to get into security, and it really teaches the mindset and methodology required to perform not-so-basic penetration tests. I felt the relevance of the topics in my day-to-day job tasks while doing Active Directory and web application testing. However, I would not consider the materials to be a deep dive into pentesting.
With my background experience, I would say that 70-80% of the content was mostly a refresher and helped structure my existing knowledge. I was happy that there were some tips and tricks I didn’t know, and which turned out to be useful in my actual job. I was a bit disappointed that the course included modules that were strictly informative and whose content was not included in the exam. From a learner’s perspective, this could be considered extra knowledge for free, but as someone focused on passing the exam, I felt like I was wasting money.
Comparing the materials with the CRTP course, I can say that CRTP, which focuses on Active Directory enumeration and exploitation, taught me the methodology in more detail than the OSCP. Taking CRTP also helped me move more confidently with PowerShell in an Active Directory environment.
I would also say that the HTB Academy modules I took had more detail and were easier to understand than the Active Directory-related modules in the OSCP course. In general, I liked the HTB modules more than the OffSec course.
Preparing for the exam
My main preparation for the exam was the 3-month course. During it, I completed all the module labs. My main mistake in the learning journey was being lazy and not doing enough challenge labs, as I only touched Lab 1 – Medtech. Besides that, after the course had ended, I gave myself around one month of additional preparation on other platforms.
The list of boxes I used was the LainKusenagi list, which in recent years has become more popular and receives more frequent updates than the legendary TJ Null list. From that list, I completed 15 HackTheBox boxes and 7 Proving Grounds Practice boxes.
With a solid background, having completed the course, and having solved many boxes, I was quite confident that I could take the exam and pass it.
Exam
I booked my exam for August 21, 2025, at 13:00. I was thinking about dividing the 24 hours into two days - around 11 hours on the first day, with the rest reserved for sleep and the second day. The plan was to have flexible time slots with a reasonable amount of sleep in between. In a perfect world, I thought about earning the passing score of 70 points on the first day and going to sleep peacefully, knowing that I had passed the exam.
The exact schedule of my exam is presented below.
- 12:45 - 13:30 - pre-exam requirements check; I had some technical problems with the proctoring and received an additional 30-minute exam extension
- 13:30 - 17:30 - the start was really stressful for me; I only gained 20 points (10 from AD and 10 from a standalone machine) in 4 hours
- 17:30 - 18:00 - break and meal
- 18:00 - 21:00 - the AD set was pwned and I had 50 points there; the stress was gone and motivation came back
- 21:00 - 23:30 - found 2 more flags from standalone machines, effectively passing the exam with 70 points
- 00:00 - 06:00 - sleep
- 06:30 - 10:00 - reviewing all the screenshots, repeating the exploitation paths, and taking more screenshots for the report
- 10:00 - 11:00 - break and meal
- 11:00 - 13:00 - final boss: finding the remaining flags and trying to reach 100 points
- 13:00 - 13:15 - literally found the root flag of the last machine in the last few minutes before the end of the exam
With the 30-minute extension, I finished the exam at 13:15 the next day, whereas normally it would have ended at 12:45.
The next 24 hours were dedicated to preparing the report. I read quite a few OSCP reviews and came across the SysReptor tool, which already had an OSCP report template available.
To sum up, during the exam I found all the flags (100 points) and wrote a 58-page report. Then, within five days, I received my certificate. Since I took the new edition of the OSCP exam, I also received an OSCP+ certificate valid for three years.
Tips and Tricks
At the end, I will give you some tips and tricks for the OSCP, as you are probably preparing for the exam.
Think (a lot)
First of all, the exam does not only test your knowledge, but mostly your creativity, mindset, methodology, and time/stress management. I would say that theoretical exams are for testing knowledge, but the OSCP is different. It’s practical and proctored.
You might know how to do an nmap scan, you might know how to do a SharpHound scan, and you might know how to exploit a certain vulnerability, but you might not necessarily be able to do it without thinking.
Many tools for one technique
You’ve probably been in a situation where some tools were not working while others were. I suggest testing different tools for web scans, different payloads for reverse shells, and different host enumeration tools before the exam. The more tools you have in your arsenal, the more prepared you are for different scenarios.
Take notes from labs
While working through the course materials, take notes, especially from labs and challenge labs. Then, you can compare your notes with those of other learners on their GitHub repositories and merge them where useful. Validate the quality of the commands; this will save you a lot of time searching the Internet for a working command.
Take breaks
The 24-hour exam is a marathon (at least mentally), so take breaks. Take a walk, do some stretching, and clear your mind for a moment when you’re stuck. Most of the time, it’s worth it.
Enumerate and enumerate?
In many reviews I’ve read, enumeration is described as the key, and… it depends on the exam set. I didn’t need heavy enumeration to move forward. For me, it was more about thinking about what to do next and how to do it.
Google, my friend
Google will be your friend for those 24 hours. Don’t forget to google anything that stands out, and try adding the word “exploit” if you don’t find what you’re looking for.
Luck is not optional
I think I had a lot of luck during the exam. Maybe that’s why I didn’t need to enumerate that much. Or maybe it was intuition earned from doing so many boxes before. The exam set is also chosen randomly, so luck plays a role here too. Either way, I think luck has an impact on whether you pass or fail (fortunately or unfortunately).
Read more reviews
Read more reviews to find out how others dealt with the exam and what tips they recommend 😀.