So over the past handful of months I’ve been taking some time and worked on the Penetration Testing with Kali Linux training, which in turn I took the Offensive Security Certified Professional exam! It took a while for me to be able to work through all the training, but as of April 27th, 2015, I am OSCP certified!
Towards the end of last summer I was able to start the training course, and had two months of lab time. I really recommend spending the first handful of days to go over the reading and video materials. They will really help you out when you’re going through the lab and you’ll know where to reference stuff at.
When you start your first couple nmap scans on the lab network, don’t get overwhelmed at the number of machines you find and the total amount of information. Take as many notes as you can, I ended up using Evernote for my notes since that will sync across all the devices I used. Keeping great notes will only help you in the long run.
In terms of the lab machines, there really is a wide range of machines across various difficulty levels. There are a handful of boxes that will seem pretty easy to exploit, but then there are a good number that will leave you banging your head against a wall. If you get too stuck, the Offensive Security forums and the #offsec IRC channel are both great resources.
I was able to get a lot of the exercises and training done in my first two months, but with the combination of work, the training, and more school work than I anticipated, I ran out of time before I finished what I wanted to and felt comfortable with. I ended up taking a bit of time off from the training and cleaned up a lot of my notes so I would be more prepared for my last attempt at the lab. This March I purchased 15 more days which would overlap with my spring break and spent every day working on the labs, attempting to get as many machines as I could. I learned a lot over the training and finally scheduled a time for my exam.
My exam was scheduled to start at noon on Friday, April 24th. I got everything as prepared as I could, had my training lab report and exercise report all straightened out, and was damn near ready to go. Once I got my exam instructions I was going to town. There were times I knew I was doing well, there were times I was super frustrated, and some times where I needed to take a step back and do something to take my mind off the challenges like make dinner or do some dishes. I ended up getting enough points to pass after about twelve hours into the exam, so I figured that was a good point to get some sleep. I woke up early the next day but didn’t score any more points. I spent a few hours putting together my exam report and I was done way earlier than I thought I’d be. I submitted all of my documentation and awaited a pass/fail email!
When I woke up to get ready for work Monday morning, first thing I saw on my phone (minus an annoying alarm clock) was an email from Offensive Security saying that I passed and had obtained my OSCP! I was beyond ecstatic to say the least!
Even though I took longer than I would’ve liked on the training and lab environment, I felt like it was well worth it. I learned a whole lot, and one of my favorite things about the lab environment is how much it felt like a real corporation. I honestly feel like I became one with the THINC.local domain and learned a bunch from it.
Now I want to spend some time looking into more exploit development and malware analysis while also focusing on finishing up my masters degree. Hell, maybe I’ll even be able to go after the OSCE soon! Thanks to Offensive Security for the training and certification and the staff for all the help!