An Overview Of This Interview Roundup
The point of this resource is to discover and establish just how difficult the OSCP, and we ask those that have passed it.
We interview a bunch of people that have passed OSCP and ask them for advice.
Here’s a very rough two-second summary of what they said:
- Learn enumeration;
- Privilege escalation;
- Plan your time accordingly;
- Buffer overflow;
- and, use pentesting labs!
We’ve been covering Cybersecurity training for many years now and ever since it was launched, we’ve been really fascinated by the OSCP Certification.
The Offensive Security Certified Professional (OSCP) course and certification is the sequential certification to a course called “Penetration Testing with Kali Linux”.
The folks behind Kali Linux are responsible for the OSCP Course (as well as a bunch of other ones).
Here’s why we think the OSCP is the real deal and the bad-ass cybersecurity cert you can achieve: it tests the individual by assessing their penetration testing process and life-cycle through an arduous twenty-four (24) hour certification exam!
That’s right. A 24 Hour exam! Pretty awesome!
The end result is that the professional that has passed OSCP has clearly demonstrated their ability to be presented with an unknown network, enumerate the targets within their scope, exploit them, and clearly document their results in a penetration test report (which is also a requirement).
In this post, we ask current Professional Penetration Testers and Cybersecurity Professionals how they trained for and passed the OSCP Certification.
Certifications we’ve asked for advice from professionals that passed them include:
How Much Does OSCP Cost?
The cost of the OSCP certification is (at the time of writing in 2020) $800.
The price of OSCP includes lab access and an exam voucher.
At the time of writing, you get 30 days of lab access and you’ll have to sit the 24-hour exam within that time frame. Now, of course, you’d be wise to practice on other free labs which you can install on VirtualBox and that’s absolutely something we advise that you.
What’s The Difference Between CEH vs OSCP vs CISSP?
The answer is simple.
I passed CEH in 2018 and found it relatively easy but I did do a ton of work before but I haven’t passed the OSCP or CISSP so I can’t accurately compare them. What I can say, however, is that CEH and OSCP have a lot in common in the sense that they are both offensive certifications whilst CISSP is really more of a 360 view aimed at Senior Management.
CEH and CISSP are both multiple-choice based exams. CEH is three hours long whilst CISSP I believe is five hours.
OSCP is practical and very much “hands-on”, you have to try a bunch of skills to hack into a series of boxes, whilst CEH, like CISSP, is a more traditional-based assessment, i.e. multiple choice.
What Do You Have To Do To Pass OSCP?
The OSCP certification is awarded on being able to successfully crack five machines in 24 hours.
One machine (‘box’) will be the most difficult and will hold the maximum points, while the others will address your skills in being able to hack boxes using enumeration, exploitation, and post-exploitation techniques.
The vulnerable boxes are a mix of Linux and Windows systems.
What’s The Benefit Of Passing OSCP?
Being OSCP certified helps your career if you’re interested in becoming a Penetration Tester or Ethical Hacker. The fact that you can pwn machines under a strict time limit shows that you have the necessary knowledge and skills to hack into machines and systems.
Furthermore, another major benefit of passing the OSCP is that increasingly recruiters are requesting that candidates pass or have the OSCP cert, especially for roles that are aimed at Penetration Testing.
We’d absolutely encourage you to take this InfoSec cert if you’re serious about a career in Cybersecurity.
Enough Of Me Talking; Let’s Ask The Experts! The Question We Asked Was:
“What Advice Would You Give Someone Studying For The OSCP?”
Spending endless hours trying to break into certain machines with no success.
Stick to the easier machines first – if a challenge seems too hard for you for a while despite your best efforts, it probably is. Don’t lie to yourself and be overconfident. Also, gather as much information as possible. Don’t take shots in the dark unless absolutely necessary. In my opinion, the buffer overflow machines are easiest. Less luck, more logic.
I also consider myself a decent Python, C, and PHP programmer, though there always is more to learn. Python definitely helped with the exploit development part of the course.
Security Consultant at Maticmind S.p.A.
Don’t overlook the enumeration phase: everything you need is just in front of you, no hint nor question just a good enumeration.
Malkit Singh | OSCP, CREST(CPSA-CRT)
Ethical Hacker (Infosys)
Try Harder, Try Harder till you succeed. Enumerate each bit of the machine to get the next hint.
Obviously hands-on practice with Kali Linux is a must and one should always think about “what next”?
Saravana Kumar | OSCP, CEH, CIPP
Senior Security Engineer at Crypto
Try Harder! And Enumeration is the Key.
Brian Johnson | OSCP, OCCP, CEH, CompTIA N+, CISSP
Security Engineer & Podcaster
Be VERY disciplined about time management. If you’ve got a family and a full-time job like I did, make sure your significant other, kids, etc are supportive of this effort as you’ll likely need to spend many red-eye hours studying and working through the labs.
You’ll probably need to sacrifice personal/family time to succeed and obtaining the OSCP.
Muhammed Bassem | OSCP, OSCE, ISO 27k1 LA, GSEC
Security Engineer at Klarna
You should master the exploit development and privileges escalation techniques, follow the technical blogs for g0tmi1k, security-tube, fuzzy security, c0relan, offensive security, Infosec Institute, SANS reading room, Blackhat/ DEFCON/ Hackinthebox Conferences youtube channels, opensecurity, theamazingking, samsclass, GitHub resources and play CTF.
Martin Voelk | OSCP, OSWP, CCIE
Chief Information Security Officer (CISO) at GigIT, Inc.
Hands-on practice. Theoretical knowledge is not enough and the more lab time you can get the better. The OSCP labs are great.
Grant Boudreau | OSCP, OSWP, CompTIA Server+, CompTIA Security+
Consultant, Cyber Security at MNP
Try to pwn every lab machine.
There is a different skill gained from every machine.
It helped me pass my OSCP exam as two machines were very similar to two of the lab machines.
Yamal Patel | OSCP, CEH
Senior Security Consultant & Team Lead at Synopsys Inc
Try Hard. Try Harder.
Hand On practice is a must. Give dedicated time to exploit each machine in different Lab networks and increase your skillset to do Python scripting along with that.
Don’t lose your concentration throughout the Lab period and stay focused.
Andres Amado | OSCP, eCPTX
Pentester & Security Analyst
Perseverance and effort!
Hamed Farid | OSCP, ITIL, CEH, OSCE, Corelan Advanced
Senior Penetration Testing
Luka Sikic | OSWE, OSCP
Learn privilege escalation.
Kaleem Shaik | OSCP
Senior Security Assurance Analyst at Emirates
Learn buffer overflow and privilege escalation. Do labs well.
Sparsh Owlak | OSCP, CEH
Senior Consultant at EY
Do not underestimate or assume anything. More you’ll try, more you’ll learn
Prem Kumar | OSCP
Vulnerability Analyst at Booking.com
Be through with your basics.
Ahmed Mohamed | OSCP, CISSP
Enterprise Information Security Consultant at Canon
Get yourself familiar by practicing on the machines at vulnhub.com where you will arm yourself with more than the skills you need to pass OSCP.
Naveen Vivek | OSCP, OSCP, CCNA
Penetration tester at Schneider Electric
Try to finish at least 30 machines OSCP lab and then give a try. Then it will be easier to pass OSCP on time.
Ye Yint Min Thu Htut (OSCE, OSCP, CREST CRT)
Offensive Security Engineer
Please do not be discouraged if you failed. Try Again, Try Harder and earn your OSCP Certification.
Choudhary Muhammad Osama | OSCP, 100W OPESEC, 210W CICS
Penetration Tester and Application Security Researcher
Master yourself in privilege escalation and try to work on some vulnerable machines available at “VulnHub” to get the knowledge of privilege escalation.
Ajay Choudhary | OSCP, Crest CRP
Keep an Eye on Enumeration.
Ferdi Bak | OSCP
Cyber Security Professional at VHL IT Security Training BV
Strategy, Methodology and Time Management are key. Make up a strategy to avoid rabbit holes, plan your available exam time well and create a battle plan and stick to it.
Nikhil Kumar | OSCP, OSWP, CEH
Information Security Team Lead
Complete at least 30 machines in the lab before trying to tackle the exam. Learn buffer overflow before the exam: Vivek Ramachandran buffer overflow videos were very helpful for me.
Jason Bernier | OSWP, GCIH, MCSE, CEH, RHCSA, VCP5
Senior Penetration Tester at BAE Systems
Sticking with it and putting in the time to get it done. Also, you need to enumerate, enumerate, and enumerate some more!
Herm Cardona | OSCP, OSWP, CompTIA A+, CompTIA Security+, ISACA
Ethan Kurt | VCP6-DCV, LPIC-1, MCITP, CCNA, CIW, MTCNA, MTCUME
Cyber Security Threat Hunter
Know your target and time management.
Passion is the most important thing to pass the OSCP exam.
Penetration testing is the only thing you are doing when you have nothing to do. If you are a proficient (Python and C) programmer, it would help you a lot. Unfortunately, you cannot expect to pass the OSCP exam only with Python skill. You also need to know networking protocols and how are they working.
There’s no doubt that employers highly regard the OSCP.
It’s a bit tricky to compare CEH against OSCP because both have their merits and in fact, it also depends on what Cybersecurity role you are looking to get into.
OSCP, like CEH, can be considered as being more offensive, and passing one or both of these certifications would certainly help you to become a Penetration Tester if that is the career path you’re seeking.
Turning again to my dear friend Phantombuster, or, you can use a dedicated Chrome AddOn which will do the same thing. The benefit of using Phantombuster for this hack is that you can automate it...
Use Google Search Console for two easy hacks to grow your traffic. The first hack is to determine your top referrers, then double down on syncing up that traffic that comes from that...