17 August 2007
OSCP Certification Challenge (The Most Intense 24 Hours I've Had This Year)
I signed up for the Offensive Security 101 training back at the beginning of May, and I actually got around to going though the course material towards the middle of July. At a first glance, I really wasn't too sure what to make of it, as reading through the index of the training, I was thinking that I know most of the coursework, and maybe I had just wasted some of my bosses budget. To be honest I kind of felt this was even while I was going through the training, kinda that something was missing. Ok, so I have been in this industry for probably about 10 or so years now, and with that comes experience, but still, I enjoy learning something new. The one thing that I would say about this course though is that if you just go through the course slides and the PDF, and leave it at that, not only will you not be ready for the certification challenge if you want to try it, but there's a good chance that you won't make it. The course is a brilliant overview into the tools of penetration testing, and how to use them, but you've really got to do quite a bit of work outside of the course ware to get real benefit from it. Which really is understandable, this is a security course, not a learn Python, Perl, C++, Networking, Windows, Unix, Linux and security course. I think that the guys at Offensive Security have done an amazing job on this course and I can't wait to try their next offering! Now, onto the challenge, obviously I can't mention too much about it here, but I can say that out of all the certifications that I hold, this has got to be the one that I am the most proud to have obtained. I started the challenge at 15:00, by about 16:30 I had already gotten through the first of five hosts. I though things were going well, then I only managed to get through the second host at about 23:45. I had a couple of hours sleep between 05:30-07:30 and then carried on until 15::00. It's the most intense exam that I've ever done for a certification, and I would happily recommend it to anyone. Also having one of the Offensive Security team around to reboot the servers when needed was a godsend, so thank you for your patience ;-) I got news about 18:30 that I'd made it through, and am now OSCP (Offensive Security Certified Professional) certified! Anyone even thinking about doing this course, just take the plunge and do it, you won't regret it.