Skip to content

Tag: Try Harder

OSCP CHALLENGE, ACCEPTED…AND PASSED!

Oh my, it’s been a journey for the past year. A lot of hard work and a lot of sleepless nights but it’s been well worth it. I earned my Offensive Security Certified Professional certification!

I’ve worked in various Desktop Support roles for a long time and I’ve wanted move more into Cyber Security, hopefully into a role as a ethical hacker or also know as a penetration tester.

I’ve spent a lot of time studying and working through various security related courses, obtained a few certifications from CompTIA (the Security+ and CySA+), spent a lot of time reading all that I can and practicing my ethical hacking skills every chance I got.

OSCP is the Offensive Security Certified Professional certification, offered by Offensive Security, the same organization that produces Kali Linux. It’s a practical 24 hour exam in which you are granted access to an isolated lab of 5 machines whereupon you perform a simulated Penetration Test. You must compromise enough machines to earn 70 points or more to pass. You must also write up a full Penetration Testing report for all the work you did.

Sounds simple? No, it’s not. I won’t sugar coat it, it’s tough. It’s not like spending time working through CTF machines at TryHackMe or Hack the Box although if you are looking to obtain the OSCP, I highly recommend both of those resources.

It’s a of learning more and more about systems then you ever thought you knew. I don’t want to sound arrogant but I’ve been working in Desktop related roles for 30+ years. I know a lot.

When I started this journey, I thought that was enough. Frankly it wasn’t. Thirty years of knowledge and I was literally back in school again and honestly learning new things everyday. Heck, even during my exam, I learned something new and updates my working notes documents accordingly.

So, how does one prepare to sit for the OSCP challenge?

There are many ways to prepare. For me, outside of the PEN-200 course from OffSec, the resources below I found immensely helpful. If I had chance to go back in time and start this again, it’s the one thing I would have done differently. I would recommend going through this list before you purchase your course and lab time from Offensive Security. That way, you have a solid skill set from which to work from and make very good use of the course labs.

Lastly, I would like to plug the OSCP community on Reddit (https://www.reddit.com/r/oscp/). This is a place that you can ask pretty much any question you have and find a useful answer. The amount of help you can find here is really a tribute to the InfoSec community.

As for the exam, I received some very good advice from someone and frankly it’s what I did. Plan to fail on the first exam. With all that you are expecting to happen, just plan to spend money on a second exam voucher and don’t sweat failing your first exam. Most people don’t pass the first time around, myself included.

Always remember, failure will teach you more than success. How you apply what you learn is how you find success. That’s what it means to “Try Harder!”

Until next time and good luck to anyone pursuing their OSCP!