My Journey to Passing the OSCP

Passing the OffSec Certified Professional (OSCP) certification was more than just an achievement for me — it was the realization of a dream I had nurtured since 2021. Looking back, the journey was full of challenges, late nights, and a lot of learning, but every step was worth it.

The Preparation Phase

The thought of achieving this certification stayed in my mind for years, but the timing was never right.

Fast forward to June 8, 2024 — the day I officially started my OSCP journey. I knew it wouldn’t be easy, but I was ready to give it my all.

However, my journey wasn’t without challenges. On July 18, 2024, My country Bangladesh experienced an internet blackout as student protests against the government jobs quota scheme turned violent.

Internet MEME

I was worried and wondering if I could complete my OSCP preparation in time! But After five days of a complete shutdown, the internet was fully restored on July 24, and I made up for the lost time by diving straight into the challenge labs. Despite the disruption, I managed to complete all of the challenge labs before my lab time expired. Balancing my preparation with my full-time job as a Jr. SOC Analyst was tough. However, my previous experience in pen testing and CTF was helpful. Here’s how I structured my preparation:

  1. Course & Exercises: I’ve read each chapter, taken notes and completed the exercises but didn’t watch the videos.
  2. Challenge Labs: I’ve completed all the challenge labs and documented everything. Skylark took me a few days to complete.
  3. OSCP Like Boxes: I merged TJ Null’s and LainKusanagi’s OSCP Boxes lists into a single spreadsheet (here) and solved all the boxes of Proving Grounds and HTB.
  4. CPTS Path: In addition to the official course material, I’ve also completed 50% of the Certified Penetration Testing Specialist (CPTS) path from HackTheBox, which complemented my learning and found beneficial.

I learned that enumeration is key. If something didn’t work, it was often because I had missed a detail during enumeration.

The Exam Day

I scheduled my exam on November 26, 2024. The OSCP is a 23 hours and 45 minutes exam and it consists of an Active Directory network and 3 standalone machines, to achieve full points we have to gain root or administrative privilege. Following that, we are given an additional 24 hours to write and submit a detailed professional report.

I started with AD, which took me around 3.5 hours. This boosted my confidence significantly. From there, I moved on to the other machines.

It took me around 7 hours to achieve the pass mark. I took a few breaks in between. After reaching the pass mark, I began cross-checking my notes to ensure I didn’t miss any critical details that would be necessary for writing the report.

Reporting

Once the hacking phase was over, the reporting phase began. Writing the report is just as critical as the hacking itself. I spent the next few hours carefully documenting every step I took, ensuring my explanations were clear and detailed. I treated this report as if I were presenting it to a client — clear, concise, and professional.

On December 1, 2024, I received the email: “OSCP Certification Exam Results” 🎉.

OSCP Certificate

Alhamdulillah all the hard work, sleepless nights, and perseverance paid off.

Alhamdulillah

Reflections

Passing the OSCP in just five months, despite the challenges I faced, taught me several invaluable lessons:

  1. Perseverance Pays Off: There were moments when I felt stuck or frustrated, but pushing through those moments made all the difference.
  2. Documentation is Critical: Whether during the exam or in real-world engagements, keeping detailed notes is essential.
  3. Practice Makes Perfect: The hands-on experience from challenge labs, Proving Grounds, and Hack The Box played a crucial role in enhancing my skills.
  4. Never Stop Learning: The OSCP is just one step in a lifelong journey of learning and growth.

Today, I’m proud to say I’m the first individual from Bangladesh to achieve the newly enhanched OSCP+ certification. It’s an honor and it motivates me to keep pushing the boundaries in cybersecurity.

Closing Thoughts

To anyone aspiring to take the OSCP: You’ve got this. Stay focused and put the effort — every challenge is a step toward success. There will be tough moments, but remember persistence is key. Keep learning, keep experimenting, and don’t be afraid to fail. Stay disciplined, stay motivated, and celebrate your progress along the way. In sha Allah your dedication will pay off. You can do it!


Thank you for reading my OSCP journey. If you’re preparing for the OSCP and need advice, feel free to reach out. I’m always happy to help!

OSCP Certificate

OSCP+ Certificate