# My OSCP+ Journey
### $ whoami
I'm known as **l1nuxkid** on the internet.
I hold a degree BSc in Cybersecurity & Forensic Science a 3-year degree I genuinely appreciate, even though the syllabus was mostly *"what is malware and name the OSI layers."* Real talk, the curriculum barely scratched the surface of offensive security. I won't blame the institution entirely but I'll be honest: I attended maybe 10–15% of my final semester classes. I was too busy rooting boxes.
I graduated in 2026. And two weeks before my final university project deadline, I passed **OSCP+** on my first attempt.
This is that story.
***
### Why OSCP?
When I first heard of OSCP, I didn't fully understand what it was. I just knew it was made by the people behind Kali Linux, and it wasn't a multiple-choice cert it was a 23-hour hands-on exam. No brain dumps. No shortcuts RIGHT
I had a friend who had cleared OSCP back in 2022. When I was just entering the field, I'd ask him about it and it genuinely didn't make sense to me yet. But I watched how people reacted to that achievement. There was a certain *aura* around it. Over time, it became my dream and in 2026, I made it real.
I also held **TryHackMe's PT1 (Junior Penetration Tester)** certification, I passed in 2025 August before starting this journey, which covered web, AD, API, and network. It gave me a foundation. OSCP was the next mountain.
### The Preparation
Preparation started in **December 2025**.
I want to be clear about something upfront: I didn't prepare casually. I prepared *obsessively*. The kind where you're doing a box at 1 AM the night before your degree exam because your brain tells you that a 3-year university degree might matter less than a single OSCP certification.
(Narrator: i did the box.)
#### Resources & Platforms
Here's everything I worked through:
**Platforms:**
* **Proving Grounds Practice** =**>** 90+ machines. This was my backbone. PG is OffSec's official practice platform, and nothing prepares you for the exam methodology better. I did most machines manually, no automation tools.
* **Hack The Box** =**>** Completed almost the entire TJ Null list. Left a few absolutely brutal machines (you know the ones). A
* **Vulnlab** =**>** Did machines and **Pro Labs**: Trusted, Hybrid, Reflection, and Lustrous. These are AD-focused and rated hard they go beyond OSCP scope into advanced attacks. Huge respect to the creators: **xct (Martin M.)**, **Robit**, and **Geiseric**. Amazing platform.
* **Hack The Box Pro Labs ⇒ Dante** | **Tengu**=**>** A full penetration testing lab simulating a real corporate network. Essential for understanding pivoting and chained exploitation.
* **Hack Smarter Labs** =**>** Additional practice that helped round out my methodology.
* **OffSec PWK Challenge Course Content /** **Labs** =**>** I gave first priority to official course content then i went to finish, All 9 challenge lab networks, each containing multiple hosts (some networks had 20+ hosts, others were pure AD environments). I completed **each network twice**. I skipped Skylark and cloud modules, that's my one regret.
> I had 90-day PWK access and skipped the cloud modules. Big mistake. Don't be me.
**Community Resources (the real MVPs):**
* **IppSec** **=>** Absolute legend. Watch every single video. His thought process teaches you *how to think*, not just what to type.
* **0xdf** **=>** Blog walkthroughs of exceptional quality. The level of detail is unmatched.
* **xct / Martin M.** **=>** Content that pushed my understanding of advanced techniques.
* **s1ren** **=>** Walkthroughs that heavily shaped my enumeration methodology.
* **OffSec's official s1ren list** **=>** If OffSec themselves point to it, you follow it.
**OffSec HackTrack Sessions:** OffSec runs weekly live sessions where instructors walk through concepts in real time alongside modules. I attended these consistently. They're underrated something about watching a offsec mentor that he/she work through it live just clicks differently.
#### The Numbers (Because People Always Ask)
| Platform | Count |
| ----------------------------- | -------------------------------------------------------------- |
| Proving Grounds (PG Practice) | 90+ machines |
| Hack The Box | TJ Null list + pro labs |
| Vulnlab machines | machines + chains -> Trusted, Hybrid, Reflection, Lustrous +++ |
| Hack Smarter Labs | 10-15 Machines |
| PWK Challenge Labs | 9 networks × 2 completions |
| Total machines (approx.) | **300+ (SOUNDS SCARY RIGHT) BUT TRUE** |
This Playlist is great from S1REN who used to work at Offsec [**YOUTUBE LINK**](https://www.youtube.com/watch?v=NQ6jbKqkJ0s\&list=PLJrSyRNlZ2EeqkJa12Tu-Ezun9kXvHufN\&index=1)
#### The Methodology Mindset
I didn't chase tools. I built a methodology.
Every machine I solved taught me something about *how I think*. What do I enumerate first? When do I move on? When do I go deeper? After 300+ machines, these decisions became instinct.
Some days I solved 4 machines. On busy days, at least 1. I never broke the chain.
> *"I wasn't trying to be exceptional, I just refused to be inconsistent."*
### Life Happened (As It Always Does)
#### NullCon
In February 2026, I volunteered at **NullCon** Asia's largest cybersecurity conference (Feb 28 – Mar 1, Goa). I wasn't going to skip it. Security conferences are where the community lives, and being part of that energy is something you carry with you.
I came back on March 7th. Conference + Exploring the goa i enjoyed the trip but mising my hands on my beast MacBook
#### The University Plot Twist
After scheduling my exam for **April 6, 2026 at 10:30 AM (IST)**, my university dropped the news: external semester exams were happening. And since it was my final semester, I actually cared about passing them.
So I made a plan:
* Don't stress about college until April 13–15
* Stay completely focused on OSCP until then
* Give the university exam, survive it, come back
The night before my degree exam? I did a box. At that point, I genuinely thought: *"This 3-year degree has no value compared to what I'm building."* That was the mindset. (And for the record I passed both ( result didn't came from university yet but i am confident.)
### Exam Day April 6, 2026
The exam started at **10:30 AM IST**.
I had dry fruits and Red Bulls ready. Clean setup. VPN connected. Full focus mode.
#### The First Hour
Got **10 points** in the first hour. Clean. Felt good. Pushed for more.
Then hit a wall. Spent the next **5–6 hours** on the same target. Nothing. The kind of stuck where you're going in circles and your brain starts lying to you.
**Key decision:** Switched the target entirely. Within a reasonable time, I rooted another machine. **10 + 20 = 30 points**.
#### The Sleep That Wasn't
With 30 points secured, I decided to take a 1-hour nap to reset. Fresh eyes, fresh mind good strategy.
I lay down. Closed my eyes.
My brain immediately said: *"You have put too much money and time into this. You cannot sleep."*
I got up. Drank a Red Bull. Took a 5-minute walk.
Came back. Two hours later another standalone machine compromised. (inner me appreciating the decision to not to sleep)
**30 + 20 = 50 points.**
Then I methodically pushed through the **Active Directory** set and completed it.
Over the entire 23-hour exam window:
* 2 Red Bulls
* Water
* Zero food (too focused, too wired)
#### The Final Hours
I finished the exam objectives in roughly **20 hours**. The remaining 2 hours I spent going through everything again checking screenshots, verifying steps, making sure nothing was missing.
I did not use any automation tools. Everything was manual. Every step, every exploit, every privilege escalation done by hand, understood in full.
### The Report
As soon as the exam ended, I did not sleep.
I started building my report immediately mapping attack vectors, documenting each step, aligning findings with CVSS scores and CVE IDs where relevant. The report took **6 hours**.
Submitted. Done.
Then I went and ate my first meal in 24 hours. Came back. Started doing CTFs on CTFtime. Still didn't sleep kept checking my email every few minutes.
*Does my cert come? Does my cert come?*
### The Email
**23 hours after submitting the report:**
> *Subject: Penetration Testing with Kali Linux - OSCP Certification Exam Results*
>
> Dear l1nuxkid, We are pleased to inform you that you have successfully completed the Penetration Testing with Kali Linux (PWK) certification exam and have obtained your OffSec Certified Professional (OSCP+) certification.
I read it twice. Then checked the sender address. (I do cybersecurity, of course I verified the email header.)
**BOOM. BINGO.**
### Acknowledgements
This wasn't a solo run. People who genuinely made a difference:
* **IppSec, 0xdf, xct, s1ren, Subh (x4c1s)** community pillars who give their knowledge freely
* **Kunal Kumar** for the HTB subscription
* **Vikram Pawar** for PG Practice access
* **Prep buddies** Prateek Jaiswal, Aditya Sharma, Fazil Subair, Gourav (good luck on your exams!)
* **OffSec Discord community** and **Jay-Ann Ypil** genuinely supportive space
* **Jainil Malaviya, Abdulaziz Alenzi, Sudheesh G L** always there when I had beginner-level doubts
* **Vulnlab creators** xct, Robit, Geiseric for building something genuinely great
* **My friend who cleared OSCP in 2022** for being the aura I chased
### What's Next?
OSCP is a checkpoint, not a finish line.
Right now I'm:
* **Strengthening web exploitation** working through CWEs on HackTheBox (HTB's web-focused path)
* **PortSwigger Web Security Academy** systematic coverage of web vulnerabilities
* **CTFs** actively playing on CTFtime
* **Job hunting** applying for entry-level penetration testing roles in India
If you're hiring, my DMs are open.
### Advice for Anyone Preparing
1. **Build a methodology, not a toolbox.** Tools change. Thinking doesn't.
2. **PG Practice is non-negotiable.** Do as many as you can. It's closest to exam feel.
3. **Watch IppSec.** Not for the answers. For the thought process.
4. **Do the AD labs.** AD is a huge part of the exam. Vulnlab's Trusted and Hybrid are excellent.
5. **Don't skip the cloud modules.** (Unlike me. Don't be me.)
6. **Attend the HackTrack sessions.** Live, real-time learning hits differently.
7. **One box a day minimum.** Consistency beats intensity.
8. **Report as you go.** Have a template ready before exam day.
9. **Mindset over momentum.** You will get stuck. Everyone gets stuck. Breathe, switch targets, come back.
> *"If you stay consistent and trust your preparation, OSCP is achievable."*
### Final Thoughts
Passing OSCP+ on my first attempt while volunteering at a security conference, dealing with university exam chaos, and running on Red Bull and stubbornness was one of the most satisfying things I've done.
Not because of the cert. Because of everything the process built in me.
The discipline. The methodology. The ability to sit in front of a machine that isn't giving you anything, and keep going anyway.
**Try Harder** isn't marketing. It's what happens when you have no other choice.
### Memes Section (You Knew This Was Coming)
***
*Find me on X / Twitter:* [*@secsystemd*](https://x.com/secsystemd)
*Offensive Security Enthusiast | OSCP, OSCP+, PT1 | Web, Network & AD Penetration Testing | Cloud Pentesting*
*Currently open to entry-level penetration testing roles India based, remote friendly.*
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://l1nuxkid.gitbook.io/l1nuxkid-docs/certification-archive/my-oscp+-journey.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.