Offensive Security Certified Professional Experience / OSCP Review

11. August 2017

Today I would like to share my experience with OSCP from the guys at Offensive Security.

Why OSCP?

There are now so many certifications in the field of information security that it is difficult to choose one. For me, criteria are the deciding factor in certifications:

  1. Learn new
  2. Apply knowledge (i.e. no multiple choice tests)
  3. It should be known and recognized
  4. Price performance

Few certifications fulfill all 4 aspects mentioned, the OSCP does.

Preparation

After searching the internet for other testimonials, there were two different opinions:

A) Advanced course in which you will not achieve anything without many years of experience in penetration testing.
B) Beginner course, which teaches you the basics and all other skills necessary to pass the exam.

After nagging my Twitter contacts, it became clear that the truth is probably in the middle.

Due to the fact that I’ve been a penetration tester for a while, I decided that I’d just continue to automate my enumeration phase and otherwise let things come to me.

Start

I opted for the 60 day package because I knew there wouldn’t be too much time for OSCP (lots of time-sensitive projects and dad of two ;-).

6 weeks later my course started and I received the materials, videos and access to the lab.

In the reviews it was recommended to finish videos and documents with the corresponding exercises before “letting off steam” in the lab. No sooner said than done: I forced myself to disregard the Lab and only did the documents, videos and exercises during the first two weeks.

Tip: First documents, videos, exercises then Lab

After two weeks I was done with this refresher, as long as you are in the subject matter you learn nothing new. Nevertheless, the documents are very well structured and explained.

I don’t want to reveal much about the lab, but there are different network segments, which are separated by different firewalls, to penetrate all systems you have to do multiple pivoting. The attacks that are carried out range from outOfTheBox exploits to client-side attacks and manual BufferOverflows, to more complex attack chains.

As I feared, I was only able to use 40% of the 60 days. Nevertheless, I was able to achieve my goal: To take over all systems in the start network segment and at least one box per other segment.

Tip: document everything & take lots of screenshots to be able to follow his work afterwards 😉 Software e.g. Keepnote

I am planning my exam for in two weeks. I felt quite confident, but wanted to practice manual buffer overflows again. For this I repeated the exercises without the help of my notes, since this went without problems I decided that this must be enough.

Tip: What should sit? Pentest Methology, Exploit Search, Manually Customize Exploits, Buffer Overflows (Basics).

OSCP exam

Again, I don’t want to and can’t give much away.

You have 24 hours to test a number of systems. Depending on the level of difficulty and obtained rights on the system, you get different number of points.

After 6 hours, I had already reached half of the achievable total score and water good things. Unfortunately, that’s how it remained for the next 14 hours.

Tip: Try Harder!

Then in the last four hours I got the remaining points to pass. For the next 8 hours, I went to bed, slept for 4 hours, and then finalized the documentation and sent it to the Offsec team….

2 business days later I would have my result:

Vielen Dank Offsec für diese spannende Reise!

You are currently viewing a placeholder content from Facebook. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.

More Information

Similar posts

I decided to set up a new team of infosec professionals, because of a lot of project requests and my [...]

25. October 2018

It’s funny that two independent companies name the “21” cybersecurity and redteaming resources in the world. But I appreciate being [...]

8. July 2019

I had a lot of fun with an anniversary edition of the podcast “Ones & Zeros, IT Simply Explained” at [...]

25. August 2020

I try to attend technical trainings regularly to get new input for my work. Therefore, in the past few months, [...]

26. November 2020