“We are happy to inform you that you have successfully completed the Penetration Testing with Kali Linux certification challenge and have obtained your Offensive Security Certified Professional (OSCP) certification.”

 

I recently completed the Penetration Testing with Kali (PWK) course and exam to gain the Offensive Security Certified Professional (OSCP) certification, and it was one of the most rewarding certifications that I’ve done. There have already been many reviews on the course, and instead of just reiterating what has been said before, I would like to add some lessons I learned while going through the PWK course, lab, and exam.

My Background

I like to think that I have a fairly strong technical background. My undergraduate studies were in computer science, and my master’s degree focused on computational engineering. Additionally, I’ve previously completed a number of IT security certifications including CCNA-S, CPT, CEPT, and several others. I’ve worked as a network engineer, software engineer, penetration tester, developer, and managed technical teams. I mention all these things because even with my previous education and experience, I still found the OSCP exam challenging.

Course Overview

PWK Course Material

The course material provided by Offensive Security was professional and well put together. There’s not much more I can say other than I consider the course material to be some of the best I’ve seen on the subject of penetration testing.

Lab Environment

When you sign up for the course, you can purchase 30, 60, or 90 days’ worth of lab time (and add additional time as needed). My recommendation is to go through the course material as fast as possible, and maximize your time in the lab environment. You will have to research and learn beyond the course material to be successful on the exam. Offensive Security provides an excellent training environment to practice all the skills and techniques you will need. It’s well worth the money, and mastering the techniques you’re learning about is the only way you’ll get through the exam.

Exam Experience

After a little over 30 days of practicing in the lab environment, I decided to challenge the exam. One of the things I like about the OSCP certification exam is that there is a relatively nominal fee to re-test if you fail it (at the time of this writing anyway). This aspect is much better than other certifications because I felt like the monetary risk was low, so why not give it a shot? On the day of the exam, an email dropped in my inbox with specific instructions. I won’t say much about the details here. Basically, there are a number of boxes you have to compromise and capture a flag as _proof_. The last thing I’ll say about the exam format is that there are a number of restrictions about which tools and features you are allowed to use; these restrictions alone add another level of difficulty.

Overall, I spent about 17 hours on the exam out of the 23 hours 45 minutes allowed. For me there are diminishing returns as time goes on without sleep: the more exhausted I got, the longer it took me to recognize the little things I needed to be successful, and time is not on your side with the OSCP exam.

Lessons Learned

  • Attention to Detail: Little things matter. Pay attention and be meticulous.
  • Always check the simple things first: Don’t immediately assume that the obvious solution is the wrong one. Check defaults, try simple passwords, etc., which leads to my next point.
  • Stick to your methodology: Figure out what works for you and stick to it. Create your own or use established methods, but stick to your list of tasks. Don’t get in a hurry and jump to number 4 without trying tasks 1, 2, and 3.
  • If you think you’re missing something, you probably are: If at some point you’re stuck on a problem, and you know there is a solution, see my first three points.
  • Learn to conduct research: Learning to teach yourself is one of the most beneficial skills to have. Knowing where to look for information, how to interpret the data, and how to extract meaningful conclusions is necessary for this type of work.
  • Don’t rely on tools: It’s ok to use tools, but know what they are doing behind the scenes. Tools break or just don’t work sometimes. Always have a backup method including the manual way.
  • One hour practicing a technique is worth days of just reading about it: Practice is far more important than just knowing about something. Until you’ve gone through the motions you have no way of knowing your capabilities.

 

Again, if you’re seriously interested in penetration testing this is a must-do course in my opinion.