OSCP Training Course Review
Introduction. This blog is designed to give a detailed analysis of the collaborative experiences from the members of Spector Security LLC on the Offensive Security Certified Professional (OSCP) training course. We will go over the different collaborative experiences, challenges and impression of the OSCP certification process. Multiple areas will be discussed to include the cost, lesson quality, lab training environment, and testing process. Please feel free to comment and ask any questions that come to mind as we review this training course.
Getting Started. 10/10 –The initial start-up of this course is fairly self-explanatory and easy to follow. The course is well organized and, even though there are a few hoops to jump through, it is a very professional virtual environment to interact with. The course can be found on Offensive Security’s main website, “https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/”.
Cost. 8/10 –The cost of this course was fair for the significant amount of training resources you receive. The initial cost is very comparable to other hands on training courses, (to which we may right more reviews on in the future). However, initial costs aside, there is another aspect of their pricing structure. Offensive Security rewards consistency and expertise. It is part of why this certification is so difficult to acquire. How they do this is by expanding the cost based on an individual’s need for additional lab time or additional re-takes of the final exam. The lab costs alone can stack up over time. For this reason, consider buying the 90-day lab access up front if your schedule is not open and/or you are newer to penetration testing.
Lesson Quality. 10/10 – The structure and quality of the lessons in this course are excellent. They are well structured and follow a logical overview of all phases of a penetration test, from reconnaissance to post exploitation and report writing. Realistically the only downside is that they can’t possibly teach you everything there is to know about penetration testing in 400 pages (but more on that in the next section). Overall the videos coincide very well with the written manual and both should be used in completing all of the exercises. Best advice that can be given is to make sure that go through every section of material and complete all of the exercises for the extra 5 points on the exam (take notes on every single thing you do, it absolutely helps). For anyone that struggles on buffer overflow, that tells me you did not complete the exercise, or you did not take thorough notes.
Lab Training Environment. 9/10 – This is an extremely fun and rewarding part of the learning process. However, this is also where extreme frustration will set in and you may want to quit based on your lack of initial success. If penetration testing is new to you (or if you are used to only using automated scanners), you may find a large portion of these labs challenging. There are approximately 40-50 labs to explore and multiple ways to complete most of the labs. They resemble the testing environment in that you have a random IP to attempt to gain a user and root privilege level in. It is very similar to the hack-the-box environments for anyone that has explored that site. Two pieces of advice to help with the labs:
1) Expose yourself to as many online tutorials of similar hack-the-box or capture the flag type labs that are out there and open now for people to publish walkthroughs. The more examples you see of how to solve these types of labs the better, then apply the same process to the OSCP labs. Furthermore, do not simply watch videos but actually follow along and complete the walkthrough yourself. You will find software you need to download, and discover subtle nuances is why things will run or not run. Penetration testing is not always an exact science, you have to test things for yourself and see why it did or did not work.
2) Identify the “low hanging fruit”, meaning take your time and find the labs that have easy solutions. This means first identifying ones with common vulnerabilities during your recon and exploit them first. This will increase your confidence and make it a more enjoyable process than just starting randomly and perhaps failing multiple times.
Testing Process. 10/10 – The final exam is a challenging event, regardless of the time preparing for it. There are no short cuts here and you are banned from using any automated programs and can only use Metasploit exploits for one IP (an attempt of a MSF exploit counts as a use; purely shell connections are allowed across multiple exam IP’s). You have a total of 24 hours (you will probably use it all) and another 24 to complete the report. This lab is exhausting but extremely rewarding when you finally complete it. Our advice is as follows:
1) Take the exam seriously, make sure you sleep before and are prepared to dedicate two entire days to the test.
2) Have good notes and prepare beforehand, but do not get discouraged if you fail, it is part of the process. Most people take multiple attempts before they pass.
3) Start with the buffer overflow. If you completed the exercise and took good notes, it should be an easy 25 points every time.
4) Prepare you report writing outline and answers to the exercises ahead of time. This will make day two of the exam far less stressful. Offensive Security provides an acceptable outline of the exam results online.
Final Conclusion. Score of 9/10 – Overall this is an amazing test and verification of your abilities as a penetration tester. It deals more with the raw skills of a penetration tester (does not deal with pivoting into other networks or computers as much as other tests). However, the labs and test are extremely challenging to a lot of people and it is more of a test of skill, than it is an instructional course. If you rely purely on the information taught in the manual you will not pass, you need outside knowledge and experience (and that takes time). So, start with the simple and build up from there, this level of knowledge and expertise takes time and perseverance.
A summary of our advice is as follows:
- Take thorough notes and complete all of the course material.
- Complete the exercises and gain the extra 5 points for the exam.
- Use walkthroughs of similar style lab environments so that you can see examples of how to complete the labs before diving into them blind (for people that have less experience).
- Identify the easier “low hanging fruit” and target those in the labs first.
- Take the exam seriously, make sure you sleep before and are prepared to dedicate two entire days to the test.
- Do not get discouraged if you fail the exam. Part of getting this certification is proving that you will push through the life sucking failures to get to a successful finish in the end.
- Start the exam with the buffer overflow.
- Prepare your reports ahead of time as much as you can to make the documentation easier on the day of the exam.