EZEA VS OSCP-Exam-Report-Template

Congrats bro, I personally like notion. And use tilix for terminal segmention. Made a bash script for enumeration: https://github.com/yassirlaaouissi/EZEA

I have my exam on thr 6th of june, 09:00, amsterdam time. I have the entire public PWK network done, 25 hackthebox machines from TJ Nulls list, 10 BOF machines, an automated enum tool (https://github.com/yassirlaaouissi/EZEA), all of my notes and a healthy amount of failure anxiety for the OSCP Exam. Did most of the boxes without hints, the 5 big ones and some hackthebox machines mostly needed hints on initial foothold for me.

I made a nice enum tool, use it: https://github.com/yassirlaaouissi/EZEA

The first two weeks of my labtime went to the course material (PDF and video). After that I spent a week or two on making an enumeration tool: https://github.com/yassirlaaouissi/EZEA

Many people make tools based on steps in the methodology. I've made a tool to auromate the enumeration step: https://github.com/yassirlaaouissi/EZEA

This is kinda self advertising, but trust me. It will save you time; I use this tool to enumerate my targets. Have done around 30 PWK boxes and 7 HTB machines with it so far: https://github.com/yassirlaaouissi/EZEA

I have been using my enumeration tool EZEA (https://github.com/yassirlaaouissi/EZEA), and so far I am not disappointed I spent time on it. If anyone has suggestions on how to make this tool better, or on how to practice buffer overflows, please do tell me. Have a nice day!

Made this tool based on several other tools that can simplify the enumeration proces for OSCP-like environments. Have rooted 8 boxes so far using this tool in 2 weeks time. Here is the link, let me know how you feel about it: https://github.com/yassirlaaouissi/EZEA

I've made an automatic enumerator for myself to prevent timeloss typing all commands from scratch during OSCP. Here it is, let me know what you think about it: https://github.com/yassirlaaouissi/EZEA

I had never done any formal pentesting reports like this one, so I kind of learned it on the fly. The whoisflynn template came in clutch for me, since I just had to follow the instructions laid out and copy paste whatever I needed to. Don’t underestimate this part of the exam, and do some planning beforehand to make sure you’re comfortable and have enough time. There isn’t an upper limit to detail in the report, and I was sure I was very detailed in my writeups.

Was easy to be honest. The way I work was to create reports for all boxes I did in the PWK, proving grounds and HTB as if they were real engagements. I used a template in Joplin I found here https://github.com/whoisflynn/OSCP-Exam-Report-Template. During my practice I would document my findings as I went through and edited out things I didn't need.

As for the report, I used this template, and removed most sections such as remediation, and added another section for common tools that I used that needs to leave a link to (i.e. Nishang's repo, Feroxbuster, AutoRecon, etc.)

I used https://github.com/whoisflynn/OSCP-Exam-Report-Template for my report

I had the same thing, the template looks very differently from what I would've done on my own. In the end I decided to follow the template (or more specifically, this version, since it made more sense to me) as closely as possible, only diverging when I had to, for instance when there were certain vulnerabilities I had to exploit before I could do the actual exploit that I used to obtain a shell, but that didn't allow me to obtain a shell themselves directly. In those cases I put those explanations in the initial description.