Why did I do the OSCP certification?

Information Security

I am more an IT auditor, and on the business side of information security (at least, in theory, I still like doing many technical projects). However, it was still important for me to pursue the Offensive Security Certified Professional (OSCP) certification. At first, I was maybe interested in a career as a penetration tester (pentester) and it was indeed a good way to confirm, or not, my interest.

The OSCP certification is unique among other IT certifications. Students don’t have to “simply” learn theories and pass a multiple choices exam. To obtain the certification, students have 24 hours to gain privilege accesses to 5 servers. After that, a second 24 hours to write a report. Basically, it is a simulation of a client engagement to perform a penetration testing.

Students will learn by studying the Penetration Testing with Kali (PWK) which will introduce different methods on how to compromise servers. There is an electronic book and also really good videos. The material with allows students to have an overview of each concept. Kali is the Linux distribution maintained by Offensive-Security, previously known as BackTrack. In any case, the most important part is definitely having access to the virtual lab, Offensive Security Penetration Testing Labs. The lab is where students can exploit many machines with different types of attack. It is almost impossible to be able to pass the final exam without an impressive amount of time in the lab.

I must admit that I thought at first that it would have been easier to get through that intensive training. If you are interested in this certification, and the field of penetration testing, this is an amazing experience. However, you will need a lot of determination. You will get frustrated many times, and be stuck on many servers in the lab. Not just an hour or two, but probably for many days. It is possible to get through all servers, well, most of them… The solution is often kind of simple enough when the attack vector is discovered. After the first few servers, it is more and more an addiction to find out a way to get into a new machine.

You can always ask for help on their IRC channel, but they will never give out the solution or simply respond to… “Try Harder!". And, yes, they are serious about it. I was not sure to really understand the meaning of those two words at first. I never really ask questions in class since I prefer to figure out things on my own. Most of the time, it is simpler and resources are available online. With the OSCP, it was not the case at all. They will be happy to guide you, but their responses are still vague, even if you have solved part of the problem. You will need to be ready to learn by yourself. The PWK will not give you the solution, it is just some tools to help you after in the lab.

I did the exam in January 2016, more than 1 year ago, and I still remember the exam. Probably more difficult than most exams during my university or other certifications. When I see someone with a certification from Offensive-Security, I know that they have gone through a lot. I don’t think that I would become a pentester in my professional life. However, it is definitely an important asset to anyone working in information security. I would recommend it without hesitation.