Why OSCP+
The OSCP has been the gold standard for penetration testing certifications, and the new OSCP+ format raised the bar even further. After years of hands-on offensive security work, I wanted the credential to formalize my skills.
My Study Approach
I spent 3 months preparing, dedicating 3-4 hours daily. My approach was:
1. Complete all PEN-200 lab machines (including the new AD sets) 2. Practice on HackTheBox and Proving Grounds — at least 50 machines 3. Focus on methodology over tools — understand WHY attacks work 4. Document everything in a personal playbook
Active Directory Focus
The OSCP+ exam now heavily emphasizes Active Directory. I practiced AD attack chains extensively — from initial foothold through Kerberoasting, lateral movement, and domain escalation. My real-world red teaming experience was invaluable here.
Exam Day
The exam is a 24-hour practical assessment. My biggest tips:
- Enumerate thoroughly before exploiting — 80% of the work is reconnaissance - Take breaks — fatigue leads to tunnel vision - Document as you go — screenshots and notes save time during reporting - Don't get stuck on one target — move on and come back with fresh eyes
Results
I passed on my first attempt with a score well above the passing threshold. The new OSCP+ format is more challenging but also more realistic and rewarding. The Active Directory components truly test practical skills.
Advice for Aspiring OSCPs
Start with the fundamentals. Understand networking, Linux, and Windows before diving into exploitation. Build a methodology you trust, practice it relentlessly, and document everything. The exam tests methodology as much as technical skill.