OSCP-Exam-Report-Template-Markdown
OSCP-Exam-Report-Template
Our great sponsors
OSCP-Exam-Report-Template-Markdown | OSCP-Exam-Report-Template | |
---|---|---|
21 | 9 | |
3,300 | 913 | |
- | - | |
4.6 | 0.0 | |
2 months ago | almost 3 years ago | |
Ruby | ||
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
OSCP-Exam-Report-Template-Markdown
-
Exam Complete -- Got enough points but am worried about the report.
Thank you! Yes, I used https://github.com/noraj/OSCP-Exam-Report-Template-Markdown and included vulnerability details, as well as how to fix the vulnerability and it got lengthy which I think was unnecessary, but I tried to make it nice and be thorough. I probably should've put more time in trying to fix the other issues I had but oh well.
- Passed OSCP about two weeks ago
- Your usual last minute exam tips request
-
OSCP report : Table of content
I am in the process of redacting my report. In fact, I have already documented all 10 machines and all exercises in the lab. However, i have still a question regarding the expected content of it, as the official template as well as some famous templates such as this one mention a whole introduction section containing among all introduction, objectives, requirements, methodologies...
-
I neglected to update the table of contents in my exam report, and it still refers to everything in the default template lol
Here a good starting point: https://github.com/noraj/OSCP-Exam-Report-Template-Markdown
-
Several questions on prep of OSWE
Also you can take a look at the OSWE Exam Report Template in Markdown I you prefer to avoid Word.
-
My OSCP Experience
I wrote my reports in Markdown using the format here. I researched more about pandoc and decided to convert my Markdown documents to docx first, edit them in LibreOffice (Page Breaks, better Table of Contents), and export them to PDF for submission Test your report conversion before the exam. This helped me figure out issues with my report conversion before the exam (issues with special characters in my terminal), and switch to a system that works. Another good report format can be found here, this one provides resources
- Tips for how to make the report writing as painless as possible?
-
Information about the lab exercise + reports for the 10 points
However things I did do right was to right the whole thing in markdown in obsidian. I used flameshot to get all my screenshots and converted the markdown to a pdf with eisvogel using this GitHub as a template https://github.com/noraj/OSCP-Exam-Report-Template-Markdown
- OSCP Report Generation
OSCP-Exam-Report-Template
-
Passing the OSCP in 8 hours(as a high school student)
I had never done any formal pentesting reports like this one, so I kind of learned it on the fly. The whoisflynn template came in clutch for me, since I just had to follow the instructions laid out and copy paste whatever I needed to. Don’t underestimate this part of the exam, and do some planning beforehand to make sure you’re comfortable and have enough time. There isn’t an upper limit to detail in the report, and I was sure I was very detailed in my writeups.
- 22 Hours Later
-
Really bad exam experience, don't wanna take it again?
Was easy to be honest. The way I work was to create reports for all boxes I did in the PWK, proving grounds and HTB as if they were real engagements. I used a template in Joplin I found here https://github.com/whoisflynn/OSCP-Exam-Report-Template. During my practice I would document my findings as I went through and edited out things I didn't need.
-
Passed second try, my thoughts
As for the report, I used this template, and removed most sections such as remediation, and added another section for common tools that I used that needs to leave a link to (i.e. Nishang's repo, Feroxbuster, AutoRecon, etc.)
- Une petite demande concernant les spécialistes en cybersécurité
- I passed OSCP, and here is how you should(nt) do it
-
everything i need to know :3
I used https://github.com/whoisflynn/OSCP-Exam-Report-Template for my report
- Report format for OSCP
-
OSCP report
I had the same thing, the template looks very differently from what I would've done on my own. In the end I decided to follow the template (or more specifically, this version, since it made more sense to me) as closely as possible, only diverging when I had to, for instance when there were certain vulnerabilities I had to exploit before I could do the actual exploit that I used to obtain a shell, but that didn't allow me to obtain a shell themselves directly. In those cases I put those explanations in the initial description.
What are some alternatives?
CherryTree - cherrytree
AutoRecon - AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
public-pentesting-reports - A list of public penetration test reports published by several consulting firms and academic security groups.
CTF-Difficulty - This cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
pandoc-latex-template - A pandoc LaTeX template to convert markdown files to PDF or LaTeX.
EZEA - EZEA (EaZy Enum Automator), made for OSCP. This tool uses bash to automate most of the enumeration proces
TJ-JPT - This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Joplin
nmapAutomator - A script that you can run in the background!
awesome-oscp - A curated list of awesome OSCP resources
SUDO_KILLER - A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
pentest-notes
alacarte