OSCP Review as a Normal Student
< Note: This post was written in August 2019, and has been ported to this new blog of mine >
I became an OSCP on 07/28/2019! During my preparation, I've read through multiple OSCP Reviews, only to find most of them were written by: experienced sys admins/developers (5+ years), Rockstar students (who have been hacking FBI/CIA/NSA since the age of 13), or extraordinary people who have done OSCP by studying OSCP like a full-time job. So I'll leave my version of the review here, from an ordinary IT-related major undergrad student.
My main goal of this review is to give courage to fellow undergrad/grad students, and what to expect going into OSCP. Technical tips and tricks will come in future blog posts.
This review will not have the typical structure of...
What is OSCP --> How's the course/lab --> How's the exam --> Tips for Exam, etc. This review will focus more on what kind of background you need to have, deciding if OSCP is the cert you want to go after, and the value of OSCP for students. You might think “hey I just want OSCP. Go on with the technical tips already”, but I have seen way too many people blindly desiring the OSCP certification because it is well-known in the security industry. It’s never a bad idea to actually know what you are putting yourself into first.
Lastly, as a personal opinion, please take this review with a grain of salt. I'm just a random student on the internet.
Table of Contents
- My personal background
- Technical background
- Is OSCP right for me? Am I ready to take OSCP?
- Value of OSCP
- Time Commitment for OSCP
- My OSCP course/lab/exam stats
1. My personal background
I've started to learn IT about 1.5 years ago, when I changed to my new major. Before then, I didn't know anything about programming, networking, pentesting, etc. I was interested in Information Security since highschool, but real-life situations (compulsory military service, financial reasons...) have made me to pick a financially secure major than pursue the study that I wanted to do. After I changed my major I tried to learn the fundamentals of Security. After that, this Summer, I finally decided to pick up PWD and give it a go.
2. Technical background
I'm not saying if you have taken similar classes as I did, you will pass OSCP without any problem. However, it is critical to compare/contrast your background with my background, in order to know how much technical background knowledge is needed to learn materials in PWK.
- 2 basic programming classes - Python / C (your college 101 coding classes)
- 2 networking classes - Layer 2,3,4
- 1 Basic cybersecurity class - Which was, sad to say, probably one of the most disappointing classes (We learned not to click on the malicious URL link for 2 weeks)
- Active participation in school’s cybersecurity club; Attack/Defense competitions, CTFs, Demo challenges, and interacting with great colleagues.
With this background knowledge, I had no problem understanding what PWK was trying to teach me. Don't get me wrong, I had to research tons of stuff in the course materials and had a really hard time during the labs. However, I was able to at least understand the basics and then research my way through.
Personally, I have seen some students preparing linux/windows internal OS architecture, learning about network protocols, reading RFCs, and such. Understanding the fundamentals is great, and is something that I try to do everyday, instead of having a “hacker mindset”. However, we do not need to go that much in-depth, for OSCP. Remember that your time is limited, and OSCP materials themselves already take up lots of time as they are challenging. If you add OS architectures and network protocols on top of OSCP, it will only distract you. If you are going for OSCP, focus on OSCP (you need to focus 100%). After you get certified, go back to the fundamentals and start learning them again.
3. Is OSCP right for me? Am I ready to take OSCP?
These questions are the questions that I saw the most in the /r/oscp subreddit and the exact questions that I had myself, as well.
A) Is OSCP right for me?
If you are interested and passionate about offensive security; vulnerability assessment, penetration testing, red teaming, then yes, OSCP can serve as a great starting point. But then again, really ask yourself if you are really passionate about offensive security. As a 19,20-year-old college student, you might not even know what you want to do for the majority of your life. Explore other fields of security and explore other fields of IT in general. Who knows, while researching, you might find your passion for Machine Learning/A.I/Algorithms and change your major from Security to Computer Science.
Moreover, ask the professionals about the industry. Is offensive security really all about wearing a black hoodie and hacking with 4 terminals open while having cyberpunk music on in the background? Lastly, ask professionals about the status quo / future of offensive security, to help you to decide if it is truly the industry that you want to go in.
If you have done your research and think you are really that passionate about offensive security, go for OSCP.
B) Am I ready to start OSCP?
If you are past IT-related major Freshman, or have taken any kind of programming + networking class, or got any of the good foundational certifications (A+, Sec+, CCNA, etc), then yes, you are reade. You will struggle and you will suffer throughout PWK, but at least you are ready to actually start your OSCP journey. This is my personal opinion, after looking at myself and my OSCP certified colleagues. However, always remember to check the syllabus before you enroll in PWK.
4. Value of OSCP - What will I gain?
You have now verified your technical background and decided if OSCP is right for you. Now you might wonder, so, what do I get out from OSCP?
Career-wise
There are some stories on the internet that after OSCP, someone just magically gets a Jr.Penetration Tester job offer, interview, or gets recruited. Those cases are either very rare, the person already had some kind of previous IT career or happened pre-2013, when certified OSCPs were very rare.
As students, we won’t experience jobs falling into our laps, or recruiters reaching out to us. If you are a rockstar, then maybe yes. But for most, probably not.
What OSCP will give you, is a verification that you are passionate about what you are doing. You may have not started “hacking” at the age of 13, but ever since you found your passion, and you work hard for it. No, you are not like any other students who only say they are passionate. You are able to put in the time, research, and hard work for X amount of days. You actually enjoy learning new stuff and being challenged. All in all, OSCP will make you stand out from other candidates, and give you slightly more edge of landing an interview.
If you have hopes of landing a penetration tester job right after you get OSCP, please don’t. While it definitely give you an edge, it won’t be that much.
Knowledge-wise
This where the gem lies. And I’m not talking about the knowledge related with exploits, attack vectors, or network services. It’s more about the mindset and methodology you will learn. Going through OSCP felt like I was doing basic fundamental training just for offensive security. While I didn’t become an expert in one area, I did found and adapted my own mindset and methodologies.
You become much more proactive in your research. If you don’t know something, you start your research, go deep. Learning why some things work the way it works. Never saw a web CMS before? Good, let’s actually download it in the testing VM, skim through the documents. Find out why some features work this way, why some others work the other way.
Then you start to think critically; what if I do this? What happens under this condition? How can I make something to work as not intended to be? It’s not all about exploiting, getting shell, and “hacking”, it’s more about thinking how to make something work not-intended, with the tools and options you have in your hand.
After the mindset, you start to develop your methodology. You will develop your own methodology for hacking, researching, and documenting.
For some students, the mindset and methodology is something that they had for a long time. For me, I never experienced such things. Thus, I have built a technical and non-technical mindset and methodology.
5. Time Commitment for OSCP
This will vary too much from person to person, so I'll just list my experience. Some will breeze through OSCP while taking 24 credits in college, while some will suffer through OSCP even during the Summer break. We are all too different.
However, for any students, I think Summer break / Winter break is the best time to start OSCP. You'll most likely go to do some kind of intern/co-op over Summer vacation. Depending on your personal life, this will give you 6:00pm ~ 12:00pm free to study for OSCP. This isn't to say that you should never start OSCP during the semester. As long as you can commit 3~4 hours on weekdays, and more time on weekends, I think you should be fine.
For me, I did OSCP over Summer while interning full-time. I studied 3~4 hours after work, and 16~20 hours over Saturday+Sunday. For around 9 business days, I had the privilege of studying OSCP during work as I had some downtime after each project I finished.
6. My OSCP course/lab/exam stats
Course and Lab Stats
Total Days spent: 42 days
Course/Lab report spent: 8 days
Lab Days spent: 30 days
Days off/chill day: 4 days
Lab Machines Rooted: 32 (twice) + 16 HTB machines
Exam Stats
Exam Attempt: 1
Exam time: 6 hours 40 minutes
Exam points: 4 root + 1 low shell + Lab report
Exam Report time: 4 hours
Total Exam time: 10 hours 46 minutes (with breaks/lunch/dinner)
Metasploit usage: 0
Conclusion
I knew the existence of OSCP for more than 6 months and was always too terrified to even start the journey. My god, the rant and horror stories that came from IT professionals failing the exam multiple times, and getting frustrated have definitely made me lose my confidence. It was one of my colleagues who definitely helped me to push myself and encouraged me to go for OSCP.
I was very thankful for this colleague and wanted to return the favor to other fellow students as well. OSCP is hard and you will suffer (and have fun at the same time). But it is not impossible. Don't lose your confidence and don't even give it a go like I did for the past 6 months. Prepare well for OSCP, give it your best, and take it.
Special thanks to:
https://twitter.com/mohadsec - My colleague Mohad, who already had OSCP and motivated me to "just do it!"