Treat the report as a separate, 24-hour exam. Sleep, hydrate, then review every line of code you pasted, every command you typed, and every screenshot you took. The difference between an OSWE and a “failed attempt” is often just 5 hours of careful documentation.
Use relative paths and generic listener commands. Document every external command. Failure #2: Missing Code Context You show a weakness but not the surrounding code. For instance, you find a SQL injection, but you don’t show the sanitization attempt (e.g., addslashes() ) that you bypassed. The examiner needs to see why the developer’s fix failed. oswe exam report
Use Shift+Ctrl+PrtScn (Windows) or Shift+Cmd+4 (Mac). Paste into the document at full size. Advanced Tips for the OSWE Exam Report Use a Template (But Customize It) Offensive Security does not provide a mandatory template for OSWE (like they do for OSCP). However, you should build one in Markdown (converted to PDF) or Microsoft Word with styles. Treat the report as a separate, 24-hour exam
import requests target = "http://192.168.1.100/index.php?action=run" payload = "'.system('cat /var/www/local.txt').'" r = requests.post(target, data={"cmd": payload}) print(r.text) # Extracts local.txt [Screenshot of exploit output showing local.txt hash: "OSWE{8a3f...}"] Use relative paths and generic listener commands
Your goal is to provide a document that allows Offensive Security’s lab team to verify your findings.
Introduction: Why the Report is 50% of the Battle The Offensive Security Web Expert (OSWE) certification is one of the most respected and challenging credentials in the application security industry. Unlike multiple-choice exams or simple capture-the-flag (CTF) events, the OSWE exam is a grueling 48-hour practical test followed by a 24-hour reporting window .
/modules/core/logic.class.php, lines 88-94