r/oscp

▲ 3 r/oscp

Retry help

Hi, I failed my first try yesteday.
I went to the exam tab on the course but it says that I have to buy another exam attempt.

I bought the Learn One Annual Subscription + 3 - PEN-200 which I thought it had 2 attempts.
Did I miss sometinhg?

I got it on 2025-08-16

reddit.com
u/chuse1995 — 1 day ago
▲ 5 r/oscp

Curious about HTB or VHL

Hi everyone! Ive finished the challenge labs less ABC and secura as I want to save it as timed practice nearing my exams. I am around 1 month out from my exams and I want to get more practice on the standalones. Ive finished the PG practice except very hard rated machines and I want to get a sensing of how the community feels.

Do yall think its worth it to embark on HTB or is VHL a better choice ? Ive heard HTB is more CTF-ish and not really realistic, while VHL is good, the reviews are dated (Around 4-5 years ago)

I can safely say I can pwn 70% of the medium rated machines in PG without hints or walkthroughs at this point but I want to still get some reps in before my exam. Appreciate any guidance from anyone! Thanks :)

reddit.com
▲ 32 r/oscp+10 crossposts

SeekYou, unified host intelligence across 15 sources

SeekYou – unified host intelligence across 15 sources, runs free on Cloudflare.
- Built a tool that takes any IP, domain, or ASN and queries 15 sources in parallel: open ports, CVEs, BGP, RDAP, cert history, passive DNS, 5 threat feeds, exposed buckets, Wayback snapshots — all in one report.
- 4-layer parallel execution (total time ≈ slowest source, not sum of all).
- KV caching per source, circuit breakers, per-IP rate limiting.
- Typed diff engine — get alerted when ports open, CVEs appear, or certs expire on monitored hosts.
- Runs entirely on Cloudflare free tier (~5k lookups/day).
Source: https://github.com/Teycir/SeekYou (https://github.com/Teycir/SeekYou)

u/tcoder7 — 2 days ago
▲ 28 r/oscp

Failed OSCP Again

This was definitely tough this time. I had 60 points less than 4 hours in. Full AD compromise, two footholds. What could go wrong. I blew it big time😂. I have never been stuck like that in my life. I failed about 6 weeks ago with 10 points. My head just wasn’t in it. I had done all of Laine’s list for PG, HTB, and hack smarter. Definitely a humiliating experience. Any ideas on what I should do now to prepare for the next attempt?

reddit.com
u/CyberOK99 — 4 days ago
▲ 0 r/oscp

URGENT!! 2 weeks before exam and no PG Practice subscription by company bundle!!

Hi everyone! I have an urgente question about preparation for the exam, yes I did most of the challange labs and documented everything, i was very active on hackthebox but i saw many persons saying that PG is almost mandatory to help you pass the exam!!

Yes I have PG Play but no PG Practice, my company paid for the course + cert bundle and cant append more subscriptions now, how to proceed?

Does offsec allows 2 separated accounts for that? I want to buy the pg labs from an separated account so i am asking.

If there is someone who did only the challange labs for example, how did you guys pass! Thanks!! This is urgent

reddit.com
u/oppai_silverman — 3 days ago
▲ 7 r/oscp

Tips about how to approach the PG Machines!!

OSCP ABC and Secura done! I plan to do Relia on the weekends and do the proving grounds as next, do you guys have some tips about how to approach the PG Machines? Like lists, tips and so on? I have less than 20 days before my exam, trying to manage my time cuz i have my daily work.

I plan to do at least 20 to 30 machines on PG but i know that there is some kind of list for that, but i want to manage my time on PG before the exam and would like to know if the community has an well known set of machines to at least "do" before the official exam.

But i'm already doing this:
* Creating cheatsheets and mindmaps
* Documentation about other machines that i see on youtube when i don't have time to sit in the computer
* Practice AD on free time with some modules

Thanks!

reddit.com
u/oppai_silverman — 4 days ago
▲ 20 r/oscp

Methodology to find pre-existing CVEs

Would anyone be willing to share their methodology to find pre-existing CVEs? I've noticed while doing some labs that I'm more than fine with finding custom exploits, but when I have to search for pre-existing CVEs, I often miss them.

My current methodology is:

  • First, search for the software name and version being used
  • Then search for just the software name if the first search doesn't output anything
  • I normally search with: searchsploit, CVE.org, and a regular google search

To improve on my methodology, I'm looking for the following things:

  • What tools / websites do you use to search for them
  • What search terms do you use: do you search for the name and version, just the name, or anything else

Any help would be great, thank you

reddit.com
u/Vegetable-Ad-5808 — 4 days ago
▲ 6 r/oscp

Exam format (machines)

So the exam consists of 4 machines, 1 AD Chain and 3 standalones. What can I expect on the 3 stand alone machines?

reddit.com
u/ForsakenGrass2268 — 6 days ago
▲ 8 r/oscp

OSCP Proctor Software / Resource Consumption

Exam is this Thursday & have been researching the OSCP proctor software. Have mixed feelings about my setup and concerned about resource consumption. Running kali from a 2015 macbook pro, 16GB RAM, 2.2 GHz i7 quad core. Not the best specs but it has served me well for the PEN200 & completed the CPTS exam with this laptop.

Has anyone experienced major issues with the proctoring software and resource consumption? I would hate to constantly resharing screens every 10 minutes, I feel that would disrupt workflow and progress.

reddit.com
u/sturmdog — 7 days ago
▲ 129 r/oscp+7 crossposts

Credentials Hunting

Built a small credential-hunting tool for authorized post-exploitation enumeration on Windows and Linux.

https://github.com/NeCr00/Credential-Hunting

The idea is simple: after gaining access to a host, the tool helps identify hardcoded reusable credentials that may support privilege escalation or lateral movement. It focuses on passwords and host-access credentials, not generic API tokens.

It runs in phases:

  1. OS-specific checks
  2. Credential databases and known credential files
  3. Suspicious filename discovery
  4. Broad filetype content scanning

The goal is to make credential discovery faster, cleaner, and less noisy during HTB-style labs, CTFs, and real-world authorized pentests.

Would love feedback from other pentesters on detection logic, false-positive reduction, and useful locations/filetypes to include.

u/Necrowtf — 9 days ago
▲ 32 r/oscp

Failed 2nd exam attempt, asking for advice

As the title says, I failed my 2nd exam attempt which I had yesterday. I ended up on 50 points with the AD root and one standalone. This is a better result compared to my first attempt in April where I only got 10 points. This exam felt harder than the first one and I feel that I'd have passed if I got my first set.

I intend to resit the exam at some point this year as I still have my LearnOne till December.

I am thinking of maybe enrolling to the TCM academy and redoing all of the Lainkusanagi by myself as I have been using hints to maximise time as I work full time as a software dev which can be mentally tasking at times and also have a family that I want to spend time with.

Anything else that people would suggest?

Though I'm gutted by the result, I should remember that I have responsibilities such as work and family and the I only started fully trying in cyber security last October when I enrolled for the eJPT (which I liked) and started with Offsec in December.

Looking forward to hearing what people say

reddit.com
u/SpeedPositive1224 — 10 days ago
▲ 4 r/oscp

does the exam change often?

after the major update in november 2024, is there any new updates like changes in the exam lab itself? if yes, how often do they change it? friend of mine had an attempt in early february, does that mean he'll be getting the same exam lab this month as well?

reddit.com
u/abu2win — 8 days ago
▲ 8 r/oscp

PG Practice without HTB

Hello guys,

I dont have so much time so, is it enough to solve only PG Practice without HTB machines .. do this allow me to pass ?

Thank in advance 🙏

reddit.com
u/Adventurous_Pop5481 — 12 days ago
▲ 4 r/oscp

Cannot reverse shell any PG machine

Hello everyone, I have the weirdest problem where I cannot reverse shell any machine anymore. I'm pretty sure it is network or firewall issue.

Anyone can help me solve this? My VM is on Bridged Mode if that is relevant.

EDIT: The issue is either resolved or the problems were only on Hepet and Mice machines.

reddit.com
u/Moneera97 — 12 days ago