Passed the OSCC Exam on My First Go — You Can Too!
Hi, I am back with a new certification called Offensive Security CyberCore Certified (OSCC) by Offensive Security. While it wasn’t the hardest exam I’ve taken, it can definitely be intense given the 6-hour timeframe. However, I was able to complete it in just 1 hour and 30 minutes. In this blog, I’ll walk you through how I prepared for the course, my exam strategy, and how I managed to ace it in such a short time. By the end, I hope you’ll feel confident and ready to tackle the OSCC exam yourself. If I can pass on the first go, so can you!
Exam Syllabus
The course is divided in 3 major component — Attack, Build and Defend. The course is beginner friendly and personally I found it good enough for someone who is planning to get into cybersecurity. It covers the following:
- Introduction to CyberCore — Security Essentials
- Anatomy of Cybersecurity
- Cybersecurity Frameworks and Standards
- Cybersecurity Roles
- Introduction to General Cybersecurity Skills
- Linux Basics
- Windows Basics
- Data Transformation Fundamentals
- Python Scripting Fundamentals
- PowerShell Scripting Fundamentals
- Networking Fundamentals
- Cloud Computing Fundamentals
- Enterprise Network Fundamentals
- Introduction to Network Firewalls
- Background to Contemporary AI
- Cryptography Fundamentals
- Introduction to Offensive Cybersecurity Skills
- Penetration Testing Process
- Information Gathering and Enumeration
- Understanding Web Attacks
- Attacking Endpoints
- Defense Evasion
- Offensive Cloud Fundamentals
- Introduction to Defensive Cybersecurity Skills
- SOC Management Processes
- Defensive Security Processes
- Vulnerability Management
- Malware Analysis
- Social Engineering and Phishing
- Ransomware, DDoS, and Availability
- Wi-Fi Security
- Security of Embedded Systems
- Industrial Control Systems and OT
- Risk Management in Cybersecurity
- Introduction to Build Skills for Cybersecurity
- Software Engineering Security
- Foundational Input Validation Concepts
- Cloud Architecture Fundamentals
- Introduction to Assurance Testing
- Starting and Developing a Career in Cybersecurity
I found few module more interesting to me since I know the concepts but I don’t think my fundaments are very clear in all the topics.
Exam Review and Tips
I started my OSCC exam early Sunday morning and encountered some issues when launching it. Unlike most Offensive Security exams, which are VPN-based, this one had a few differences. The exam is proctored, and after verifying your identity, you use the Offensive Security portal to begin.
Once you’re in, all the questions, along with a VPN file for practical challenges, are available on the portal. The exam consists of both theoretical and practical questions. Although I can’t disclose the exact number of questions, if you’ve completed the course, the exam should take around 2–3 hours to finish.
Some of the questions are flag-based, where you need to find specific flags, while others are multiple-choice. It’s important to select just the letters (A, B, C, etc.) as your answer for the MCQs, instead of typing out the entire option.
Attack Phase: My Favorite Part of the OSCC Exam
The attack phase was hands-down the most exciting part for me. Coming from an offensive security background, I found this section straightforward. I almost overcomplicated it, but once I stepped back, it all fell into place! I completed this section in 30–40 minutes. The lesson? Don’t overcomplicate things!
Defend Phase: Room for Improvement
The defend phase involved identifying an ongoing attack and using Splunk to analyze logs. Once you’ve figured out the type of attack, the goal is to make changes to the victim machine to block the attack.
While the concept is clear, I felt like this phase could use some improvements. From my experience, a script runs once the attack begins, and you need to stop it. I ended up trying something a bit out of scope — and surprisingly, it worked! This phase seemed a bit too simple, and I believe it could use a more thorough review from OffSec. That said, with root/admin access, you have full control to implement any needed changes. I wrapped this phase up in 40 minutes, though I did have to revert once after experimenting with new ideas.
Build Phase: Straightforward and Quick
The build phase was very direct. You’re tasked with analyzing vulnerable code and identifying what it’s vulnerable to. There’s also a cloud architecture component that tests your knowledge of overall cloud. I completed this section in 10 minutes. Since I was confident in my answers, I quickly selected the right options without needing to overanalyze the cloud-related part.
Final Thoughts
In my experience, Trust me the exam isn’t as tough as it seems especially since it’s entry-level. My key takeaway? Keep things simple. For the attack phase, following basic TryHackMe exercises can give you a great foundation. During the defend phase, think outside the box — there’s more than one way to stop an attack. And for the build phase, focus on identifying key vulnerabilities and reviewing the course material to understand cloud concepts.
Thank you
Best of luck with your preparation! Remember, it’s all about staying calm and following the process step-by-step. You’ve got this! If you need any advice or just want to chat about the exam, don’t hesitate to reach out — I’m happy to help!
