0. Solve the buffer-overflow (BoF) box first. It is the most predictable box on the exam and banks points early.
1. Use PenTest.ws to keep per-host notes, ports and findings in one place.
2. Use AutoRecon / Sparta and other accepted automation tools (https://falconspy.medium.com/unofficial-oscp-approved-tools-b2b4e889e707). Check the current exam rules before relying on any of them.
3. Stay calm. At some point during the exam you will probably think you are going to fail. It happens to everyone. When that happens, take a break and remind yourself that you are prepared and that Offensive Security designed the exam so that it can be completed.
4. When stuck on something, always google the technology together with HTB / ippsec.rocks / VulnHub / OSCP. You will not find the exact solution, but you are likely to find something similar that nudges you in the right direction.
5. Make use of your Metasploit attempt if you get stuck. In the exam I came across a technology that I wasn't super familiar with; I could have done it without Metasploit in a couple of hours, but it only took 5 minutes with Metasploit.
6. You don't always have to get a shell; sometimes a file-read primitive is enough to read the flags.
7. Don't rush yourself. Trust me, you'll run out of ideas before you run out of time on the exam.
8. It goes without saying that you should do a full port scan (all TCP ports, plus at least the common UDP ports). Enumerate the unusual services first and look for exploits associated with the exact version you found.
9. Take screenshots and make notes of everything you try, including the exact commands, while you are doing it. It helps you keep track of what you have already tried when you get stuck, and it makes sure you don't lose your work if your VM crashes during the exam.
10. During the exam, scan your target machines properly. You will be referring to these scan results for the next 24 hours, so make sure they are complete and accurate.
11. Take breaks.
12. Keep it simple.
13. Every hour, evaluate your progress. If you are stuck, move on to another machine or change your approach.
14. Don't make assumptions. Try everything you can think of.
15. Use OSCP mindmaps (https://emaragkos.gr/infosec-adventures/useful-oscp-mindmaps/).
16. Study the TCM courses and revisit them if needed during the exam.
17. Take TibSec's PrivEsc courses and revisit them if needed during the exam.
18. Have a report template ready. Although you have 24 hours to write the report, you will be exhausted from the 24 hours you spent on the exam. https://github.com/whoisflynn/OSCP-Exam-Report-Template
19. Back up your notes regularly, somewhere outside the exam VM.
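The scanning and note-keeping steps in tips 8 to 10 (full port scan, enumerate what you found, keep every command and result on disk) as one bash wrapper around nmap. This is an added example, not code from the original page or from any of the tools it links. The notes directory layout, the nmap flags chosen, the `TARGET` environment variable and the sample grepable output embedded below are assumptions constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): two-stage nmap workflow that
# logs every command it runs and keeps all output under notes/<target>/.
# Directory names, flags, TARGET and SAMPLE_GNMAP are assumptions.
set -euo pipefail

# log_run NOTES_DIR CMD...: append the timestamped command line to
# commands.log, run it, and tee its output into output.log so nothing is
# lost if the VM dies (tip 9).
log_run() {
    local notes_dir=$1; shift
    printf '[%s] %s\n' "$(date -u +%FT%TZ)" "$*" >> "$notes_dir/commands.log"
    "$@" 2>&1 | tee -a "$notes_dir/output.log"
}

# extract_open_ports: read nmap grepable (-oG) output on stdin and print the
# open TCP ports as a comma-separated list usable with -p. Filtered/closed
# ports are dropped; an empty input yields an empty list instead of an error.
extract_open_ports() {
    { grep -E '^Host:.*Ports:' || true; } \
      | sed -E 's/.*Ports: //; s/[[:blank:]]+Ignored.*//' \
      | tr ',' '\n' \
      | awk -F/ '$2 == "open" { gsub(/ /, "", $1); print $1 }' \
      | sort -n -u \
      | paste -s -d, -
}

# full_scan TARGET: stage 1 sweeps all 65535 TCP ports, stage 2 runs default
# scripts and version detection only on the ports found, and a short UDP scan
# covers the ports people most often forget (tips 8 and 10).
full_scan() {
    local target=$1
    local notes_dir="notes/$target"
    mkdir -p "$notes_dir"

    log_run "$notes_dir" nmap -p- --min-rate 1000 \
        -oG "$notes_dir/alltcp.gnmap" -oN "$notes_dir/alltcp.nmap" "$target"

    local ports
    ports=$(extract_open_ports < "$notes_dir/alltcp.gnmap")
    if [ -z "$ports" ]; then
        echo "no open TCP ports found on $target; check the scan before moving on" >&2
        return 1
    fi

    log_run "$notes_dir" nmap -sC -sV -p "$ports" \
        -oN "$notes_dir/targeted.nmap" "$target"

    # UDP needs root; top 20 is a cheap first pass (SNMP, TFTP, DNS ...).
    log_run "$notes_dir" nmap -sU --top-ports 20 \
        -oN "$notes_dir/udp.nmap" "$target"
}

# Constructed sample of nmap -oG output (not a real scan), used to show what
# extract_open_ports does without running nmap.
SAMPLE_GNMAP=$(printf '%s\n' \
    '# Nmap 7.91 scan initiated' \
    "$(printf 'Host: 10.10.10.5 ()\tStatus: Up')" \
    "$(printf 'Host: 10.10.10.5 ()\tPorts: 22/open/tcp//ssh///, 80/open/tcp//http///, 135/filtered/tcp//msrpc///, 8443/open/tcp//ssl|https-alt///\tIgnored State: closed (65531)')" \
    '# Nmap done')

# Only scan when a target is explicitly given, e.g. TARGET=10.10.10.5 ./scan.sh
if [ -n "${TARGET:-}" ]; then
    full_scan "$TARGET"
fi
```

The parsing step is what makes the second stage cheap: instead of re-scanning everything with `-sC -sV`, only the ports that were actually open get the slow script and version probes, and the grepable file stays on disk so the port list can be rebuilt at any point in the 24 hours.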
Thank you @rana__khalil for most of them! The original list was posted by Rana Khalil 🇵🇸 (@rana__khalil) on July 16, 2020.