How to Get OSCP Certification?

1
How to Get OSCP Certification?
2
Why take the OSCP?

• If youre serious about being a penetration
  tester, the OSCP Certification is, for all
  intents and purposes, the industry standard. As I
  considered pentesting as a career, I spoke with
  lots of people who were working in the field
  already. Consistently, they recommended getting
  the certificate, which requires taking the
  Penetration Testing with Kali Linux (PWK) course.
  I also got OSCP Online Training.
• In truth, the course is useful for any career in
  cybersecurity, not just pentesting. If youre
  working on a blue team, for example, the
  experience of hacking into a network provides a
  lot of valuable insights for developing a cyber
  defense strategy.

3
Where to Start for OSCP Certification?

• As I mentioned, you start officially with the PWK
  course. Going through it is helpful, and you do
  learn a lot. The course includes a manual along
  with a lab environment. It is self-paced, so you
  go through it on your own time and schedule the
  test when youre ready to take it.
• However, there are some things I recommend doing
  beforehand. If you are new to the
  pentesting/cybersecurity field I would start with
  some capture-the-flag (CTF) exercises like those
  found here. After getting comfortable with CTFs,
  you might find it helpful to move on to sites
  like Hack the Box or TryHackMe. Doing these first
  will help you hit the ground and get running a
  little faster in the lab environment.

4
How to Make the Most of Your Coursework?

• Take lots of notes. While going through the lab,
  youll do many different things and youll do
  the same things multiple times. Keeping notes on
  how you got access to each machine during the lab
  work (yes, with copy/paste commands and
  explanations) will help during the test. Your
  notes can give you ideas and help you remember
  the difficult syntax. Also, notes that act as
  cheat sheets with common commands are especially
  helpful.
• Further, I recommend spending as much time in the
  lab as possible. While there is a forum for
  users, it may sound like the people there are
  speaking in code. If you struggle, just keep
  working on the problem and learning. If you do
  get stuck, ask questions in the forum. From my
  experience everyone is helpful, but they know
  its more important to guide you to an answer
  than giving it to you. Those who answer usually
  do it in a way that makes you learn the solution
  on your own, and youll thank them for that when
  you are taking the OSCP exam.

5
What about OSCP Lab?

• The lab houses more than 70 different computers.
  Most of these computers contain vulnerable
  software that can be exploited and some don't.
  The idea is to exploit a vulnerable machine, grab
  any information its storing, and then use it to
  access a machine that does not have a
  vulnerability.
• Among the vulnerabilities, youll see in the lab
  are ones that are well-known and that have been
  around for years. EternalBlue is one example. The
  real challenges are the custom applications that
  either can be used to gain access or have their
  vulnerabilities that require custom exploitation,
  using anything from XSS to SQLi to LFI/RFI. There
  are also remote and local exploits to gain access
  and then escalate privileges.

6
How OSCP Test Works?

• There are five different machines on the test. On
  each are text files that can be submitted to
  prove your access. Depending on the difficulty of
  the machine, these files are worth varying
  numbers of points. Of 100 available points,
  youll need 70 to pass the exam.
• However, to get credit for those points, you have
  24 hours to write a report that includes the
  steps you took to exploit the machine. These must
  be replicable by a technically competent reader
  and must contain either the link to the exploit
  code used or the exploit code if changes were
  made to it.
• During the exam, you are not allowed to use
  automated exploit tools. Metasploit can only be
  used once during the test, whether it works or
  not. Other exploits must be created manually by
  inputting the correct data or scripts, which may
  require some trial and error.

7
What to do Before OSCP Exam?

• It sounds counterintuitive, but I dont recommend
  studying or practicing right up until test time.
  Instead, try to take the day before the exam to
  prepare for how youre going to take it. The exam
  must be completed in 24 hours, but you can pick
  an early or late start time. If youre an early
  riser, start early. If you like to sleep in,
  start later. The point is to make sure that you
  play to your own strengths.
• Use your prep to do other helpful things as well.
  Maybe make sandwiches for the next day or set up
  the computer you are going to use to take the
  test. Figuring out things that you can do the day
  before can and will make things easier come test
  day.

8
OSCP Online Training Certification
Call Support Certify Trainer Training
one-to-one Evolution Workbook Updates till you
pass
Offensive Security Certified professional
1 (276) 325-2024
www.passyourcert.net
info_at_passyourcert.net