What is an OSCP certification?
OSCP is an ethical hacking certification offered by Offensive Security (OffSec). Holding this certification validates a professional’s knowledge of penetration testing methodologies using tools inherent in the Kali Linux distribution. Kali is an open-source, Debian-based Linux distribution that enables security and IT professionals to assess the security of their systems.
Hiring cybersecurity professionals who have the knowledge required to deploy malicious hacker tools and methods is especially valuable to any security team. Intimate knowledge of the offensive strategies likely to be used against their systems is vital to building an effective defense.
Holding an OSCP certification indicates the holder has acquired essential skills required to work in any of the following roles, among others:
- Security analyst
- Computer forensics analyst
- Security specialist
- Penetration tester
- Security engineer
- Security code auditor
- Malware analyst
- Security consultant
The growing acceptance within the security industry of offensive security certifications reinforces the belief that ethical hacking is a respectable profession, not just a practical ability. This acceptance has created a demand for the subset of computer and network skills once pursued only by malicious actors.
How does an OSCP differ from a CEH certification?
There are currently two prevalent penetration testing certifications available, the Certified Ethical Hacker (CEH) and the OSCP. Each fills a unique role in the cybersecurity industry, although jobs requiring one of these certifications will often accept either.
Individuals holding a CEH certification are qualified from a vendor-neutral perspective. The CEH validates their ability to think and act like malicious hackers. This certification is suited for non-penetration testers and people who lack detailed security knowledge as it focuses less on hands-on labs and is considered more of an entry-level certification than is the OSCP.
The OSCP certification is more hands-on and is highly focused on penetration testing using Kali Linux. It is typically recommended for more experienced information security professionals who want to make a profound and meaningful move into professional penetration testing.
OSCP candidates should be able to enumerate a machine, identify vulnerabilities, and develop solutions to produce shells. It is fair to say that the OSCP is the gold standard certification for penetration testing.
According to Payscale, the average salary for a CEH is $82,966, while an OSCP brings down $96,000.
What are the OSCP exam requirements?
OffSec’s Penetration Testing with Kali Linux (PWK/PEN-200) course packages include one or more exam attempts. After completing the course, or when the student feels ready, they can sit for the OSCP certification.
Unlike some professional certifications, there are no educational or work experience prerequisites for taking the OSCP exam. OffSec suggests that candidates should have a solid understanding of TCP/IP networking, reasonable Windows and Linux administration experience, and be familiar with basic Bash or Python scripting. Candidates take the exam as the concluding portion of the OffSec training course.
Students or professionals considering an OSCP certification should be problem-solvers and analytical thinkers. OffSec has designed the preparation course and exam to test candidates’ ability to apply critical thinking to problem-solving.
Documentation Requirements
You are required to write a professional report describing your exploitation process for each target. You must document all of your attacks including all steps, commands issued, and console output in the form of a penetration test report. Your documentation should be thorough enough that your attacks can be replicated step-by-step by a technically competent reader.
The documentation requirements are very strict and failure to provide sufficient documentation will result in reduced or zero points being awarded. Please note that once your exam report is submitted, your submission is final. If any screenshots or other information is missing, you will not be allowed to send them and we will not request them.
Exploit Code
If you have not made any modifications to an exploit, you should only provide the URL where the exploit can be found. Do not include the full unmodified code, especially if it is several pages long.
If you have modified an exploit, you should include:
- The modified exploit code
- The URL to the original exploit code
- The command used to generate any shellcode (if applicable)
- Highlighted changes you have made
- An explanation of why those changes were made
Exam Proofs
Your objective is to exploit each of the target machines and provide proof of exploitation. Each target machine contains at least one proof file (local.txt or proof.txt), which you must retrieve, submit in your control panel, and include in a screenshot with your documentation.
Failure to provide the appropriate proof files in a screenshot for each machine will result in zero points being awarded for the target.
The valid way to provide the contents of the proof files is in an interactive shell on the target machine with the
type
or
cat
command from
their original location.
Obtaining the contents of the proof files in any other way will result in zero points for the target machine; this includes any type of web-based shell.
On all Windows targets, you must have a shell running with the permissions of one of the following to receive full points:
- SYSTEM user
- Administrator user
- User with Administrator privileges
On all Linux targets, you must have a root shell in order to receive full points.
Reviews
There are no reviews yet.