OSCP in current state ?

This topic contains 22 replies, has 12 voices, and was last updated by  globus 6 years, 5 months ago.

  • Author
    Posts
  • #8275
     globus 
    Participant

    Hi, Im new here as member.

    Im IT Engineering student(23 y. old)… Im thinking about taking OSCP cert but have some questions/doubts… I read almost every review here on forum about course(sternone was very good review/journey) and still not sure so here are my questions and some story about my knowledge…

    Started about 7 years ago in cracking/decrypting (before college), switched about 2 years ago to pentest web applications, Im writing paper on pentesting web app. as my graduation paper…
    I have knowledge in linux/windows worked for some time as admin in small company…
    At college learnt basics of ASM and programming ARM… Basics of C/C++, in free time I code in C#, python… for work I coded in php and javascript… okey so back on topic…
    Read most of the books on metasploit,pentesting, watched and practiced metasploit course from security-tube…

    1. Is there any measurement if Im good enough to take OSCP course ?
    2. Can I start course every month or there is some period ( I read that 16th march is deadline in this month) ?
    3. Is there any more knowledge that I need to have before taking course?
    4. The certification itself is it good on today job market?
    5. Please share general ideas etc. on what to do and if I should take this course..

    regards and thanks for all replies…

  • #52147
     MaXe 
    Participant

    There’s no measurement, but it’s the best way to learn the basics of pentesting when it comes to courseware. The Labs, may be very tough if you’re very new to pentesting. I suggest you become familiar with linux and the console a bit, before diving into OSCP/PWB.
    It’s also useful to have a good working knowledge about computers and networks in general (just the basics), despite the course covers much of this.
    What you must be willing to do, is to never give up during the PWB/OSCP course and certification, and if you don’t understand something, try harder on your own, use the student forums, google, etc.
    I took OSCE a couple of years ago, it was awesome, despite it was quite tough for me back then, after all, it was my first certificationย  ;D If you’re motivated enough, you can do OSCP.

  • #52148
     cd1zz 
    Participant

    Go for it, you’ll struggle but it’s well worth it and I think you know more than I did, when I started. The OSCP is well respected in the community, however our friends in HR still don’t appreciate as much as we do. If you’re looking to work at a pen testing firm, and they don’t know what OSCP is, run away and apply somewhere else ๐Ÿ™‚

  • #52149
     UNIX 
    Participant

    @globus wrote:

    1. Is there any measurement if Im good enough to take OSCP course ?

    If you really have a solid understanding in each of the topics you mentioned you shouldn’t have much problems. The topics you are not familiar with yet should be easy enough to pick up while you proceed through the course.

    @globus wrote:

    4. The certification itself is it good on today job market?

    It’s not very well recognized by HR, but that shouldn’t hinder you from taking it.

    @cd1zz: While I enjoyed the Offensive Security courses myself quite a lot, I certainly wouldn’t go as far as implying that a company might not be good if it hasn’t heard about them. I know quite a few individuals you have never heard about them (simply because they don’t care about such courses/certifications in general), yet they are extremely skilled and knowledgeable.

  • #52150
     cd1zz 
    Participant

    You know pentesting firms that don’t know what the OSCP is?

  • #52151
     cd1zz 
    Participant

    Well,ย  spread the word!

  • #52152
     Dark_Knight 
    Participant

    @cd1zz wrote:

    You know pentesting firms that don’t know what the OSCP is?

    Ok…..but the real question is do they know what the CEH is ::) ::)
    ;D ;D

  • #52153
     caissyd 
    Participant

    @cd1zz wrote:

    You know pentesting firms that don’t know what the OSCP is?

    +1 !!!

  • #52154
     globus 
    Participant

    thanks for replies ๐Ÿ˜€
    Probably I will enroll in few days if nothing new about topic show up ๐Ÿ™‚

  • #52155
     impelse 
    Participant

    I think they are konwing more about OSCP, I’ve been in many OWASP meeting and some inteviews and they already know about the offcensive training.

  • #52156
     Phillip Wylie 
    Participant

    Based on your post, it sounds like you are ready to take the course.

    I am seeing more companies on LinkedIn asking for pen testers with the OSCP cert. I think it will only get more recognized.

  • #52157
     dynamik 
    Participant

    +1 for going for it. You seem to have fairly well-rounded knowledge, so you shouldn’t be at a complete loss for any of it (compared to someone that has no Linux experience, for example).

    If you still feel weak in some areas after your lab time has expired, take some time to strengthen those skills, and then get another 30 days and hammer it home.

  • #52158
     globus 
    Participant

    One more question :

    Is it better to take 1 month labs and if I need more time than buy additional time or it is better to take straight 3 months from the start?

  • #52159
     Questionable 
    Participant

    I think you’re the only one who is going to able to answer that, read the course syllabus, if you believe you have the knowledge and the time to study within a 1 month period, pay for a month, if you feel you need more time after that you can easily extend it.

    From reading your post, I personally would take the 3 month from the start, but that’s my personal opinion, report back to us when you take the exam, and let us know how you get on!

  • #52160
     globus 
    Participant

    I forgot to mention that I can spend like 8 hours a day on that course that is one of factors…
    Right now Im thinking about taking 60 days on labs… I think that should be enough, and maybe some additional time if something goes wrong…

  • #52161
     m0wgli 
    Participant

    @globus wrote:

    One more question :

    Is it better to take 1 month labs and if I need more time than buy additional time or it is better to take straight 3 months from the start?

    Really depends on how much of an issue the cost is to you and how deep you want to go into the topics within that time.

    Given the amount of time you can dedicate to it, I’d go for 30 days to start with. After the 30 days are up you can work on any areas you need too without wasting lab time. After that you should have an idea of how much extra lab time you’ll need. This approach is only going to cost you an additional $50 if you were to add an extra 30 days to the initial 30 days.

    I won the PWB course here last year with 30 days lab time, I’d originally planned to do the course myself with 90 days lab time. However, having used the first 30 days, I’m swaying towards to just extending by 30 days rather than 60 days, and I can’t nearly spend as much time a day as you can.

    Without the pressure of the lab clock ticking down, I’ve been able to research some topics far more deeply than perhaps I would have done otherwise.

    Have you seen this review?:

    http://blog.g0tmi1k.com/2011/07/review-pentesting-with-backtrack-pwb.html

    We all learn differently and do so at different speeds. Also we all have different background experience and not everyone can put in the same about of time. Having now completed the course, I would say if you want to “just pass” the course and can put a good couple of hours in each day then you could get away with doing 30 days – at a push. However, if you want to take your time, learn it and (try to) “do it all”, I would recommend 60+ days in the lab. I started off with 30 days, with the hope of cramming it all in as I could spend 8+ hours a day on it. In the end, it took me a solid 30 days in the labs (not including any of the exercises before the lab work), so I ended up extending it by 15 days. If I was to do it again, I’d opt for 60 days and pace myself better.

  • #52162
     globus 
    Participant

    @m0wgli wrote:

    Have you seen this review?:

    http://blog.g0tmi1k.com/2011/07/review-pentesting-with-backtrack-pwb.html

    We all learn differently and do so at different speeds. Also we all have different background experience and not everyone can put in the same about of time. Having now completed the course, I would say if you want to “just pass” the course and can put a good couple of hours in each day then you could get away with doing 30 days – at a push. However, if you want to take your time, learn it and (try to) “do it all”, I would recommend 60+ days in the lab. I started off with 30 days, with the hope of cramming it all in as I could spend 8+ hours a day on it. In the end, it took me a solid 30 days in the labs (not including any of the exercises before the lab work), so I ended up extending it by 15 days. If I was to do it again, I’d opt for 60 days and pace myself better.

    Yes I have read the review and that 60 hours is probably the best option for me right now because I dont want to be hasty if getting to know new things and polish up everything I know so far …
    It was good choice to ask questions here on forum ๐Ÿ™‚

  • #52163
     Phillip Wylie 
    Participant

    If you can dedicate 8 hours a day to studying, then 60 days would probably be enough.

  • #52164
     KrisTeason 
    Participant

    Having taken the course and looking at your background, I say go for it. It’s good you have the programming background. Some people wonder if they have enough and not everyone likes looking at code. To answer some questions:

    Is there any measurement if Im good enough to take OSCP course ?
    I would read some of the PWB Reviews. A lot of them have listed the individual’s background listed off. If the review is on a Security Related blog, you can get a feeling of the persons background prior to them signing up for the course. We also have on here a lot of reviews. Search, search, search!

    2. Can I start course every month or there is some period ( I read that 16th march is deadline in this month) ?
    At the time I enrolled for PWB v3, they were accepting new students every week. Enrollment will continually be available – it’s just a matter of picking a time that best fits your schedule.

    3. Is there any more knowledge that I need to have before taking course?
    I agree with what MaXe mentioned. Having that basic networking knowledge and being comfortable in a shell will always help. This isn’t a course where you point and click to own boxes.

    4. The certification itself is it good on today job market?
    It’s picking up more and more. Here’s a quick Dice listing after searching ‘OSCP’:
    http://www.dice.com/job/results?caller=basic&q=OSCP – Yields 16 results currently. I’ll tell you that after searching dice for that keyword a couple years ago, you would be lucky to pull back > 5 jobs. It’s great to see it getting well deserved recognition.

    @globus wrote:

    One more question :
    Is it better to take 1 month labs and if I need more time than buy additional time or it is better to take straight 3 months from the start?

    I’d say go with 60 days at least. If you do 90 days from the start, your mainly saving money. If you need more lab time after your time expires, your always welcome to purchase more time. Know that Lab Time is valuable. There’s a good amount of vulnerable systems sitting out there across multiple subnets. I know OffSec has expanded the labs since I took the course. Be sure to purchase enough lab time according to how much time you can commit.

    Though g0tm1lk says if you want to just pass do 30 days, I would advise against it. It’s obvious with his blog that he is rather comfortable in BackTrack, and had a lot of time to spend in the Lab. Perhaps 30 days would of been OK for Version 1 and 2 of the course, but again I highly emphasize at least 60.

    Lastly, your going to have a blast in the course! Were all here for you if you needย  anymore advice.

  • #52165
     globus 
    Participant

    @xXxKrisxXx Thanks for answering most of my questions:) I read most of reviews I could find… because of them I decided to participate in course.

    I already signed up for the course and Im refreshing my knowledge about assembly language and buffer overflow because I think I will have most problems with that…

    Im starting 17th March and took 60 days lab time.

    Keep thumbs for me ๐Ÿ˜€

  • #52166
     globus 
    Participant

    I finished the lab time like month ago ๐Ÿ™‚ forgot to share that info… Now Im preparing for exam, rewriting old exploits etc.

    Should I be doing something else before exam? ๐Ÿ™‚ Any thoughts on that…

  • #52167
     caissyd 
    Participant

    @globus wrote:

    I finished the lab time like month ago

    How many hosts have you pwn? I personaly found the exam a little harder than the lab… But if you have successfully rooted most lab boxes, you should be fine!

  • #52168
     globus 
    Participant

    I only lacked admin network because lab time was over for me…
    70% of boxes were pwned by hand no using metasploit, only nmap and exploits from the web.

You must be logged in to reply to this topic.

Copyright ยฉ2019 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?