Before hitting submit, read the "Exam Guide" one last time. Ensure your file naming convention (e.g., OSID-OSWE-Exam-Report.pdf ) and archive format are exactly what OffSec requested. Final Thoughts
This is the meat of the report. Break it down by machine/assignment. Discovery: How you found the bug in the source code. oswe exam report
Visual proof of every major step, especially the final "proof of concept" (PoC) showing the flag. 3. Automating the Exploit Before hitting submit, read the "Exam Guide" one last time
Don't wait until the 48 hours are over to take screenshots. Capture them during the exam while the environment is still live. Break it down by machine/assignment
Use the first few hours of your reporting window to sleep. A well-rested brain catches typos and missing steps that a sleep-deprived one ignores.
Post-Exploitation: How you reached the final goal (local/administrative access).