Sec+ Secured. The Grind Continues: OSCP Ahead.

MichaelMichael
4 min read

I passed the CompTIA Security+

That might sound like a simple statement, but it carries a lot behind it:

Late nights, mental blocks, frustration, breakthroughs, and a constant voice in the back of my head asking, “Are you really about this, or just pretending?”

Turns out, I’m really about this.

Security+ wasn’t hard. But it was humbling.

When I first cracked open the study material, I figured it’d be a straightforward exam. Just another cert.

But the deeper I got, the more I realized this wasn’t a memorization game; it was mindset training.

They don’t just want to know if you can define CIA Triad or TLS vs SSL; they want to know if you understand why it matters, how it plays out in real systems, and what could go wrong if you miss something small.

And trust me, it’s always the small things that are overlooked.

The Test: PBQs, Traps, and Curveballs

The test hit harder than I expected.

  • Multiple choice? More like multiple traps. You get two answers that look right and have to figure out which one is more right.

  • Performance Based Questions? This is where people struggle. You’re thrown into a scenario and expected to apply layers of security concepts like triage, patching, network segmentation, and access controls in real time.

I didn't rush through it. I sat there, thought carefully, ignored distractions, and relied on my preparation. In the end, that mindset got me through. And it's that same mindset I'm sharpening now, because what's ahead isn't just a test. It's a challenge.

Next Mission: The OSCP

The Offensive Security Certified Professional (OSCP) isn't a multiple-choice exam. It's 24 hours of pure problem-solving: five machines, real-world vulnerabilities, and no guidance. You break in, escalate privileges, document everything, and write a professional report to prove you earned your access. And if you don't succeed? You start over. No excuses. No shortcuts. But that's the challenge I want because I'm not here just to learn cybersecurity — I'm here to live it.

How I’m Preparing for the OSCP

Right now, my learning is structured like this:

  • Labs on Hack The Box and TryHackMe, practicing enumeration, privilege escalation, post-exploitation tactics, and active directory attacks.

  • Daily tooling practice with nmap, Burp Suite, Gobuster, Metasploit, BloodHound, Impacket, and others.

  • Buffer overflow labs, learning the art of memory corruption and custom exploits.

  • Documenting everything. I don't just hack; I take notes as if I'm going to teach it. This approach helps me understand what I'm doing even better.

What’s Coming: Notes, Walkthroughs & Content Creation

I’m done keeping this journey to myself.

Starting now, I’m turning my study notes, machine write-ups, and findings into public documentation.

Why? Because I remember being the person scouring Reddit and forums just trying to figure out how to get past an exploit step. If I can make it clearer for someone else, or at least let them know they’re not alone in the struggle, then that’s a win.

Here’s the plan:

  • Posting walkthroughs for boxes I complete (Hack The Box, TryHackMe, VulnHub, etc.)

  • Creating Markdown-formatted notes for each topic I study, including enumeration, privilege escalation, pivoting, web app exploits, and more.

  • Launching a blog section specifically for OSCP preparation, organized by machines, concepts, and tools.

  • Eventually, I will start creating video walkthroughs that break down machines step-by-step.

Final Thoughts: Stay Dangerous. Stay Disciplined.

Passing Security+ was a solid milestone, but I'm not stopping there. Next up is the OSCP. This challenge is different; it's not just about gaining root access, but about who you become in the process. It's about the mindset, the method, and the discipline. It's about understanding not only how to exploit a system, but also why it works, when to act, and how to analyze it afterward.

If you’re putting in the work too, let’s connect. I’m sharing it all — the wins, the setbacks, and everything I learn along the way. No one makes it to the top alone. The grind continues. Let’s get after it.

Author Bio:

Pen tester in the making. Locked in on the OSCP. Breaking boxes, documenting the process, and learning the craft—one exploit at a time. Still a student and always will be. Stay tuned.

0
Subscribe to my newsletter

Read articles from Michael directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Michael
Michael