OSCP - How to Write the Report
My OSCP Experience Writeup: / my-oscp-experience
Writing a good report after taking the OSCP exam can be a matter of passing or failing. A good report will contain thorough details of how the systems were exploiting and how the vulnerabilities can be mitigated. Here are some tips to help you succeed in writing the OSCP report!
OSCP is an amazing offensive security certification and can really boost your cybersecurity career. It provides an opportunity for training and learning new ethical hacking techniques.
Grammarly Affiliate Link: grammarly.go2cloud.org/aff_c?...
Using this link to sign up for Grammarly, even the free version, will help me too!
Join my new Discord server: discord.gg/9CvTtHqWCX
Follow me on Twitter: / 0xconda
If you found this video helpful and would like to support future creations, please considering visiting the following links:
Patreon: / conda
Buy Me a Coffee: www.buymeacoffee.com/conda
Merch: conda.creator-spring.com/
Amazon affiliate link (anything purchased through this link will provide me with a small commission): amzn.to/3hsHzD2
Пікірлер: 59
finally! A good example of reporting. Now we don't have to waste paid time figuring out all that. Thank you!
Much awaited video!!!(I was just thinking of requesting you the exact video). Thanks a lot man.
Excellent video mate...that was very helpful.
Thanks for sharing! I look forward to leveraging this when I take this exam.
@c0nd4
3 жыл бұрын
Awesome! I'm sure you'll crush it
this is awesome , keep going
Thanks for this. Just submitted my report, I seriously nearly vomited after obtaining 60 points on the exam (10 bonus points, confirmed with offsec staff) and then spent nearly 15 hours straight piecing the report together, ensuring I had everything - literally every command (screenshot PLUS copiable output), fixes from online, severities, proofs, modified exploits, links to EVERY single tool I used - this video is making me feel a lot better lol. My stomach still hurts though. This exam experience has been traumatizing.
@c0nd4
Жыл бұрын
The exam is certainly tough. Now you're experiencing the hardest part - waiting for the passing email!
@the_terrorizer
Жыл бұрын
@@c0nd4 I had no idea how debilitating it would be lol 😂 thanks again! I have a few upcoming junior testers/PWK students that I am pointing to this video for reporting purposes
Great video! Thank you
Thanks for the upload.
@c0nd4
3 жыл бұрын
No problem!
Thanks for it bro ..
Watching this has made me feel a bit more confident now. My notes are already detailed enough to make my report easier to generate.
@c0nd4
3 жыл бұрын
Awesome, I'm glad to hear! If you take proper notes, you don't have to stress very much about the report. Good luck!
@tejasanerao1842
3 жыл бұрын
Hey, Did you copy paste the terminal output just like he did in this video or you added screenshots? I am not sure if we can paste the output directly instead of screenshot
Awesomeeeee !!!
Great tutorial, thank you for sharing
@c0nd4
3 жыл бұрын
Glad you enjoyed it. Thank you for the support!
Thanks : )
Very Helpful
@c0nd4
3 жыл бұрын
Thank you!
It seems like you don’t have to be super verbose when detailing what you did. For example, “CD to this directory, chmod +X this script, and moved to my main directory and ran script.” I could imagine that level of detail would be insane and definitely isn’t needed on a Pentest report. Great video!
@c0nd4
2 жыл бұрын
Yeah I'd agree with that. But for the OSCP exam specifically, I'd recommend being as verbose as possible so they understand you have clearly demonstrated the required knowledge to pass and there's no steps skipped.
when i see you i owe you a beer or a drink whatever you drink haha, I love this thanks. Downloaded already :) Bless you.
@c0nd4
3 жыл бұрын
Lol I'm glad I could help. Thanks for the support!
Thx for the video. Always when you said MoinMoin it sounded so Hamburg-ish ;-)
@c0nd4
3 жыл бұрын
No problem! Glad you liked it
thx bro
Needed this! I have my exam this Thursday 🤞
@c0nd4
3 жыл бұрын
Good luck! Remember to take a lot of breaks. Keep your mind sharp and you'll do great!
@Andyjamesg
3 жыл бұрын
@@c0nd4 Thank you! 🤓
@Urbancorax2
2 жыл бұрын
How was your exam, buddy?
@Andyjamesg
2 жыл бұрын
@@Urbancorax2 I failed. I got 55 points though. Booking it again at the end of this year and will hopefully pass this time
@Urbancorax2
2 жыл бұрын
@@Andyjamesg Best of luck, man!
Would this be the same way to write the lab report of the 10boxes?
I have to say this video is awesome!!! I will be taking my exam in 2 days and it makes sort of more confident now after watching your video... Just curious what if I've already done my lab report and it is not in the best format it could be (cuz it had been done some time ago b4 this video came out). But apparently i don't want to/can't redo it, so how strict is OSCP with the bonus point giving?
@c0nd4
3 жыл бұрын
Good luck with the exam! Unfortunately I'm not sure how strict they are with the lab report points. I didn't do the lab report or any of the exercises when I did PWK.
@Urbancorax2
2 жыл бұрын
How was your exam?
@tobiascang1717
2 жыл бұрын
@@Urbancorax2 LOL couldn't pass it man. Only got the BOF and a low shell
@Urbancorax2
2 жыл бұрын
@@tobiascang1717 going to re-take the exam?
@tobiascang1717
2 жыл бұрын
@@Urbancorax2 not so soon haha, not skilful enough
Hey Conda I had a quick question. I use the root account on my Kali and I don't ever use sudo to run commands. You reckon they would expect you to use sudo in the exam or am i overthinking it? Thanks
@c0nd4
3 жыл бұрын
It won't matter what user you are running as. It's all the same. Good luck!
@theone4808
3 жыл бұрын
@@c0nd4 thanks man
JSpell online works to ;)
Hey, is it fine to copy paste the output of terminal like you did in this video or we have to submit screenshots only? I am confused about this.
@c0nd4
3 жыл бұрын
I did a mixture of both when I took OSCP
@tejasanerao1842
3 жыл бұрын
@@c0nd4 Ooh!! Thanks ✌
Hello buddy, can you share your report template? I want to copy the box of that code block
Why I cant search securityfocus?
I have the question about Penetration section. In the template, there is the sentence: _OSXXXX was able to successfully gain access to X out of the X systems._ I don't understand the gain access and systems. Does **systems** mean the number of systems regardless of whether open or not (nmap result). and **access** means open of the nmap result?
@c0nd4
2 жыл бұрын
That sentence is referring to how many machines you comprised. If the exam has 5 machines and you root 2 and have a low privilege shell on 1, you'd say that you were able to gain access to 3 out of the 5 systems. Hope this helps to clarity.
@MASAbirokou
2 жыл бұрын
@@c0nd4 😄Thank you for your speedy replying. I understand.
So in the report you can't just put pictures with comments you also have to put the output of the programs in text maybe have more writing than screenshots. If I understood correct.
@c0nd4
Ай бұрын
It's been a few years since I did the OSCP now, so the official requirements may have changed. The idea of including all of the commands in text blocks was so that the person reviewing your report could easily copy and paste commands instead of having to type them all out. Same with script modifications.
nice one but can I ask for a favour plsssssss