Oswe Exam Report Work ◆

A high-level overview of the systems compromised.

Before you hit "submit" on the OffSec portal, run through this checklist: oswe exam report work

Don't fluff the report with generic definitions of SQL injection. Focus on this specific SQL injection. 2. Structuring Your OSWE Report A high-level overview of the systems compromised

These must be shown in their original location via a terminal/command prompt. oswe exam report work

If a colleague followed your report, could they recreate your exploit from scratch without guessing?

Explain the "Why." Why did the code fail? (e.g., "The application uses an unsafe eval() call on user-controlled input in functions.php at line 42.")

Ensure your Python/Perl/Bash scripts are included in the report and are easy to copy-paste.