I just completed the most frustrating, rewarding, maddening, thrilling, awesome, challenging, blood-curdling training of my life. It concluded with a rigorous 24-hour hacking challenge that almost killed me. Although I’m now extremely red-eyed and deprived of sleep, I’m excited to tell you all about the experience – just in case you want to subject yourself to similar torture.
Learn how to be a “good guy” hacker
If I had to describe the Offensive Security Certified Professional (OSCP for short) certification to someone else in one sentence, it might be this: You will learn the hand-on skills necessary to conduct and write a complete, end-to-end penetration test.
Upon signing up for the OSCP, you will receive download links for a training PDF filled with exercises, as well as a large zip file of instructional videos that complement the written materials. You will also download and install a virtual machine running the Kali operating system, which is full of ethical hacking tools. Finally, you will setup a VPN connection to the OSCP lab environment, which contains a large number of hackable machines. It also has a Windows 7 virtual machine you will use to write scripts, debug software and test out your attacks.
Once all the technical pieces are in place, you will begin following the PDF and watching the accompanying videos to recreate all the different objectives and exercises on your Kali virtual machine. Taking extremely detailed notes and screenshots is critical, as you must do a formal write-up of everything you learn in this portion of the training (more on that in a bit).
The real fun, however, doesn’t begin until you complete the initial training and are finally ready to start attacking the various vulnerable machines in the network. These machines run a wide variety of operating systems and software, and are designed to be as “real life” as possible.
The end goal is to hack each system and get full administrative access to it – which is often called “owning” or “pwning.” This is the real heart and center of the OSCP training, and where you will spend the majority of your time. Personally, I spent over 100 hours trying to crack all the various systems.
Need help? Try harder!
If you get stuck, an online chat system is in place for you to use, with OSCP administrators available at almost all hours of the day. You can engage them in a conversation and ask for help, but you might get frustrated with the answer you get. “Try harder” is the OSCP motto, and if the administrator feels that you simply need to do more self-study and practice to find your answer, that is exactly what you will be told.
On a side note, I’ve talked with past students who were upset with this approach. Their argument was that they were paying good money for a training class, and therefore the instructors should answer their questions. I’ll admit that at times I agreed with these students, as I myself was about ready to toss my laptop into the Mississippi after burning hours on a fruitless attack. However, in retrospect, I fully support and appreciate the OSCP approach, because if you can’t cut it in the labs, there is no way you’ll pass the final challenge.
Call Jack Bauer – you’ve got 24 hours to save the day
Rather than a standard computerized test, the OSCP certification exam is a 24-hour hands-on challenge. You are given a set of brand new machines to hack and you must infiltrate each one, gain full administrator access, and steal a trophy that proves your techniques were successful. All of this must be backed up by detailed notes and screenshots.
Once the 24-hour test window closes, you then have another 24-hour period to formally write up all your notes and screenshots and submit them to the OSCP administrators along with your lab write-up. Within a few days, you will receive the final verdict from the OSCP team, and hopefully your email starts with something along the lines of…
“Dear Brian, we are happy to inform you that you have successfully completed…”
Conclusion
I really cannot speak highly enough of the OSCP training and certification. If you want to learn how hackers are actually attacking systems and networks, this is the training for you. My only warnings/recommendations for you would be the following:
- Try harder. Make sure you are ready to struggle to find answers on your own. The training materials provided are a good primer, but you need to be self-motivated and take that knowledge to the next level.
- Get a solid support system. If you have a family, make sure they are supportive of your efforts before signing up. You’re going to be spending a lot of late-night hours alone while you chug through the materials. If it wasn’t for my wife’s unwavering encouragement, I never would’ve made it.
- Manage your time well. The OSCP pricing is based on 30, 60 or 90 days access to the labs. I suggest you pick a period of time where you are going to dedicate several weeks of non-stop effort to the cause. Otherwise, renewing the training multiple times gets pricey (and stressful).
If you have questions about the OSCP or your journey to become a pen tester, we are happy to talk with you. Feel free to contact us.