If you're considering taking the Offensive Security Certified Professional (OSCP) exam, you're likely wondering whether it's the right choice for you. In this article, we'll explore the key things you should consider before making a decision, including the pros and cons of the OSCP, the recognition and credibility of the certification, and the reality of what to expect from the exam.
Who is it for?
The OSCP is a great certification for anyone interested in pursuing a career in offensive security or penetration testing. It is particularly well-suited for individuals who have a strong technical background and are comfortable with hands-on, practical learning.
If you have experience in networking, system administration, or programming, you may have an easier time with the course material. However, even if you don't have a strong technical background, you can still succeed in the OSCP program by putting in the time and effort to learn the necessary skills. It is important to note that the OSCP exam is known to be challenging and requires a significant amount of dedication and hard work to pass. If you are willing to put in the time and effort, and you have a passion for cybersecurity, the OSCP could be a great fit for you.
The Pros of the OSCP
There are many benefits to taking the OSCP, including:
The new format of the course and exam, which includes a range of exercises to help validate your learning and a detailed Active Directory module.
Access to 75 lab machines once you complete the course material, as well as additional Proving Grounds machines.
The opportunity to earn 10 bonus points on the exam by obtaining the root flag on 30 lab machines, which can be a great way to practice your note-taking and documentation skills.
The reputation and recognition of Offensive Security as a leading provider of cybersecurity training and certification.
What's In the Course?
During the OSCP course, you will learn a wide range of concepts and technologies that are essential for a successful career in penetration testing. This includes skills like:
Enumeration: Gathering information about a system or network in order to identify potential vulnerabilities. This can include techniques like running port scans with Nmap, Netcat or other tools, performing DNS lookups, and extracting information from system logs and the various open ports you will discover.
Exploitation: Using vulnerabilities to gain unauthorized access to systems or escalate privileges. This can include techniques like using buffer overflows to execute arbitrary code, leveraging known vulnerabilities with tools like Metasploit, and using social engineering techniques to trick users into divulging sensitive information.
Post-exploitation: Using access to a system to gather further information, maintain persistence, and cover your tracks. This can include using tools like Mimikatz to extract password hashes, modifying system configurations to create backdoors, and, most often, working with reverse shells.
Tunneling/Pivoting: Understanding networking concepts like TCP/IP, routing, and subnetting, as well as tools like Wireshark and Netcat.
In addition to these general concepts, you will also learn specific techniques like using SSH tunnels and proxychains to bypass network restrictions, crafting golden tickets with Mimikatz to gain unauthorized access, performing kerberoasting to extract password hashes, cracking passwords with hashcat, and exploiting SUID and SGID bits to escalate privileges. All of these techniques are commonly used by attackers, and any penetration tester needs to understand them and be able to use them to identify and exploit vulnerabilities in systems and networks.
The Credentials of the OSCP
Earning your OSCP is a great way to demonstrate your expertise in offensive security to potential employers or clients. The certification is widely respected in the industry and can be a valuable asset on your resume.
The Recognition of the OSCP
While the OSCP is a highly respected and valuable certification, it's important to keep in mind that it is just the tip of the iceberg when it comes to offensive security. There are other, more advanced certifications available, such as the Offensive Security Exploitation Expert (OSEE) or the PEN-300 course (Evasion Techniques and Breaching Defenses - Advanced Pentesting Training), which is linked to the OSEP certification. Both are more advanced and touch on different strands of offensive cybersecurity that can help you build on your OSCP knowledge and skills.
Comparing OSCP to Other Entry-Level Cybersecurity Certifications
If you're considering earning an entry-level cybersecurity certification, you may be wondering how OSCP compares to other options. Here is a brief overview of some popular alternatives:
Certified Ethical Hacker (CEH): The CEH is a certification offered by the International Council of Electronic Commerce Consultants (EC-Council) that focuses on the tools and techniques used by ethical hackers. The CEH exam is multiple-choice and includes a hands-on lab component. One key difference between OSCP and CEH is that the OSCP exam is purely hands-on, with no multiple-choice questions, while the CEH exam includes both hands-on and multiple-choice components. Additionally, the OSCP course includes more extensive lab environments for practicing skills, with 75 lab machines and additional Proving Grounds machines. The CEH course does have a CEH Lab component available for $199.
Security+: Security+ is a certification offered by CompTIA that covers a wide range of security topics, including network security, compliance, and operational security. The Security+ exam is multiple-choice and includes a hands-on lab component. One key difference between OSCP and Security+ is that the OSCP exam is purely hands-on, with no multiple-choice questions, while the Security+ exam includes both hands-on and multiple-choice components. Additionally, the OSCP course includes a more focused and in-depth curriculum specifically tailored to penetration testing, while the Security+ covers a wider range of general security topics.
Penetration Testing Professional (PTP): The PTP is a certification offered by the EC-Council that focuses on the skills and techniques used in penetration testing. The PTP exam is a hands-on, practical exam that requires candidates to demonstrate their skills on live systems. One key difference between OSCP and PTP is that the OSCP course includes a broader range of content, including a comprehensive online course and lab environment, while the PTP exam is purely hands-on and does not include a course component. Additionally, the OSCP exam is open book, allowing candidates to refer to notes and resources during the exam, while the PTP exam is a closed-book exam.
Overall, OSCP is unique in that it is a purely hands-on, practical certification. While other certifications may include hands-on components, the OSCP exam is entirely focused on demonstrating your ability to identify and exploit vulnerabilities in live systems. This makes OSCP an excellent choice for those who want to specialize in offensive security and build a career as a penetration tester.
A Reality Check
While the OSCP is a great entry-level certification for those interested in offensive security, it's important to be realistic about what it can and can't do for you. Earning your OSCP doesn't guarantee you a job or make you an expert in all things offensive security. It's a hands-on, practical course that will give you a strong foundation in the field, but you'll need to continue learning and growing your skills to truly excel.
My Experience with the OSCP
I took the OSCP as someone with no prior cybersecurity experience, but with a background in IT and development. I enrolled in the Learn One subscription and took the full 12 months to go through the course and lab machines, studying roughly 15 hours per week for a total of over 600 hours. I found the course material to be dense but well-organized, and the lab machines were a great way to practice what I was learning. In the end, I was able to pass the OSCP exam on my first try and earn my certification. You can read more here: 5 Tips I Wish I Knew Before Taking The OSCP Exam.
Additional Training Resources for OSCP
While the OSCP course provides a comprehensive foundation in offensive security, there are many other resources available to help you continue learning and developing your skills. Some popular options include:
TryHackMe: A platform that offers a variety of hands-on cybersecurity challenges and training courses.
HackTheBox Academy: A comprehensive online training program that covers a wide range of cyber security topics, including penetration testing, forensics, and web security.
HackTheBox Machines: A platform that offers a large number of virtual machines that you can hack and practice your skills on.
VulnHub: A collection of vulnerable virtual machines that are designed to be hacked.
These resources are a great way to continue learning and improving your skills during the course and even after completing the OSCP course. By tackling new challenges and experimenting with different tools and techniques, you can continue to expand your knowledge and expertise in offensive security.
The Offensive Security Certified Professional (OSCP) is a highly respected and widely recognized certification for those interested in pursuing a career in penetration testing or offensive security. It is a purely hands-on, practical certification that involves identifying and exploiting vulnerabilities in live systems. If you are serious about building a career in this field, obtaining your OSCP can be a valuable step on your journey.
However, it's important to keep in mind that the OSCP is just one of many certifications available in the cybersecurity industry. Other, more advanced certifications can help you build on your OSCP knowledge and skills. No matter which certification you choose, it's important to continue learning and training to stay up to date with the latest developments in the industry.
While OSCP is not the end-all-be-all of cybersecurity certifications, it is a strong foundation that can help you get started in the field. If you're serious about pursuing a career in offensive security, the OSCP is worth considering.
Get in touch
Do you have any other questions about the OSCP or other entry-level cybersecurity certifications? Don't hesitate to get in touch by tagging me on LinkedIn or Twitter. I'd be happy to help answer any questions you may have.
Did you find this article valuable?
Support Jeff Noël by becoming a sponsor. Any amount is appreciated!