OSCP Review
- mpolymath
- 0
- on Oct 07, 2023
Synthesis
Value of content : 10/10
OSCP is a strange beast, its real value lies in its likelihood to get you a job as a junior penetration tester.
In terms of getting you hired to pentest I cannot think of a better certification internationally.
That is why I value it at a 10/10.
The course basically goes over all vector of attacks (Not including all attacks for Active Directory and Buffer Overflows) and explains the essentials you need to pentest.
Buffer overflows which were previously part of the course have been removed it is a shame but it is what it is.
You are expected to practice relentlessly the techniques taught in the course and the labs.
Assimilating the course material is not enough, you must practice until these attacks become second nature.
The real learning happens in the challenge labs, some emulate the exam and others just teach you various attacks.
This is where the real learning begins, make sure to not stay stuck and constantly refer to the official discord channel for hints as there are enumerable rabbit holes.
As an example I was on a machine trying to privilege escalate for 1 hr and found nothing, after consulting the discord channel it was pointed out that said machine had no root user flag and no means to escalate on it. Theoretically I could of worked days on this machine wasting my time, there were no indications that this machine was different from the others, no means to discern that this was a “trap”.
I would advise taking the labs as another means of learning and have the right amount of balance between pushing through and moving on. Looking for hints on discord can be part of the learning process, just find out what the next step is and try to solve the one after that without discord.
The Active Directory attacks are honestly lackluster in OSCP.
I recommend taking the CRTP to learn these attacks as it is much better suited.
OSCP will teach you what you really need to be a pentester, the necessary theory and the habit to persevere, to try new things and to be methodical with your approach.
Overall it is the certification I am most proud of, and the exam is honestly so much fun. A colleague of mine said what he enjoyed about offensive security is you learn something new every exam and it was definitely the case for me.
So much fun in fact that I am now aiming to get my OSCE³.
Cost to value ratio : 10/10
I recommend the learn one subscription it is not cheap at $2499 but well worth it as anyone can in 1 year find the time to learn the required skills.
This course is expensive but considering the doors it opens I consider it worth it. However if you are on a budget go elsewhere, plenty of cheaper great learning material out there. It will however be more difficult to get that job as pentester without the OSCP.
Do I recommend it : Yes
Again yes I recommend it, it requires work and effort to get through it and you will feel great once on the other side.
What it does well :
What OSCP teaches well is the initial foothold part of a penetration testing, that is where it shines. You will encounter countless ways to get the initial access to machines from the labs. It is also great at muscle memory, by the end of your certification you should be able to pivot in a network with the greatest of ease and try exploit after exploit for hours on end without flinching. It teaches perseverance the Try Harder modo is really something they stand by and as a person who recruits pentester for living its a mentality I look for in all my auditors, it is what you can’t really teach, that hunger to go above and beyond.
Room for improvement :
I would have several recommendations, first of all the Active Directory part of the course is lackluster. CRTP is much more suited to learn these type of attacks. It was also a big let down that Buffer Overflows are no longer part of the course, they are fun to learn and something pentesters should understand.
The lab is very CTF like and does not resemble the environnements you will audit once you become a pentester.
It would be great if they incorporated realistic environnements in the labs just as a means to prepare their students for real engagements.
Overall the labs were great, there were however some machines in the labs that require restarting before they can be exploited. Also there are countless rabbit holes some are honestly just ridiculous, prepare to be frustrated over and over again. But then again that is what builds the Try Harder mentality so maybe its an effective learning method after all.
Overall evaluation :
- The course teaches theory well, it covers the essentials of cybersecurity and pentesting.
- The labs are great I had a lot of fun.
- The exam is the best I have had so far, love the format, nothing like pressure to get the pipes flowing.
- The course is very expensive but worth the investment.
- I highly recommended it on my end, you like challenge ? You thrive on pain ? This will suit you well.
Recommendations for exam preparation :
- Ressources:
Best notes I have encountered :
https://onedrive.live.com/?authkey=!AE_gXz4ANnMhJIc&id=4149EBCF4A8A1BD0!1849&cid=4149EBCF4A8A1BD0&parId=root&parQt=sharedby&o=OneUp
Guide:
https://nagendrangs.medium.com/how-i-passed-oscp-with-110-points-in-7-hours-first-attempt-without-metasploit-d6d7f6156444 - Tips:
Do the course material quickly and get the bonus points.
Do all the labs.
Use the practice exams (OSCP A/B/C) wisely, take them as if you had 24 hours to complete them.
Discord is your friend you learn nothing from staying stuck in a rabbit hole.
If you can do the CRTP beforehand I highly recommend it, it will make the Active Directory part of OSCP a breeze.
In the exam start with the Active Directory set, and once you root it do the standalone machines.