All restrictions are mentioned in the exam guide that will be sent just before the exam starts.

It will prepare you for occasions when you can't use your favorite tool, and will have to find a way around it. Knowing more than one way to accomplish a task will be handy.

Because those are the rules.

But seriously, if you don't just rely on MSF or a vulnerability scanner in the labs, you shouldn't face any problems in the exam either.

I had the same question, after the practice lab with metasploit I said, ok, I got a little easy fun, now every single computer I hack it has to be done without metasploit at all.

Sometimes I want to use it when I cannot escalate, but keep going.... TRY HARDER.

I did the same thing. Any machine that you pwn with metasploit, do it again without using it. Build up a collection of exploits that you know are reliable so you can quickly use them when you need to.

Do as me, I have not started OSCP yet but am reading various books and spending time with Smashthestack.org

- Script any enumeration and other tasks that take time. Also script tasks for gathering information on systems you compromised, do it both for a Windows and Linux environment. I modified various public scripts into a customized one that does generate the right amount of data for me.

- Test your shellcode and make a reliable archive!!! I once spend a few hours trying to escalate privs just to find out the shellcode I used was broken...

- Learn various ways to escalate privs manual on Windows and Linux. They are very different and getting some hands on will give an advantage I think.

- Find a suitable way to keep track of information uncovered and for preparing your report. I am looking at the various notekeeping tools as right now I just use Notepad and well it is hmmm messy.