OSCP (non-technical) Tips

After recently completing my OSCP (2nd exam attempt) I wanted to give a few non-technical tips since most guides out there seem to focus mostly on the technical side.

The approach I took for the second attempt differed a lot from the first, especially from a non-technical point of view. Whilst these tips may not be for everyone, hopefully they will help some.

Take breaks often.

The technical portion of the exam runs over 24 hours, which can be pretty gruelling, especially since you’re staring at a screen for most of that time. After a while, your brain will start to shut down and you’ll be getting stuck on simple problems.

Taking a break alleviates this, but make sure it’s a proper break of 15–20 minutes. Go grab a tea/coffee/hot chocolate and go sit away from the screen to physically and mentally take some time to reset.

In my first attempt I barely took any breaks and felt completely drained before the halfway mark. With the breaks in the second attempt, this was a completely different story.

Sleep

Offensive Security clearly state they expect students to sleep — so do it! Even if it is only for a few hours it will give you much needed rest once the short breaks no longer work to reset you.

Whether you want to break it up in to a few short naps or take a longer period of sleep is up to you, but it’s highly recommended.

Background tunes

I found having some background music helped break the deafening silence. Pick some tunes that breakup the silence but won’t distract you (shoutout to chilledcow lofi study beats on youtube).

Don’t stress the proctor

For some the idea of an unknown face pointing a webcam at you for 24 hours can seem pretty stressful, but I found once I started the exam I almost forgot they were there. They won’t interact with you other than when you advise them you’re taking a break so there wasn’t really any stressful moments there at all.

Try and enjoy the process

At the end of the day, you’re probably doing OSCP because you enjoy hacking or penetration testing and have wanted to challenge yourself to learn more. Essentially that’s all this is — a multi-target CTF or penetration test compressed in to 24 hours. It can sound pretty daunting, but if you try to enjoy the process I found it helps a lot.

Good luck!