.

Passed the OSWP challenge

<<

alucian

User avatar

Full Member
Full Member

Posts: 228

Joined: Mon Dec 29, 2008 2:01 pm

Location: Montreal, Canada

Post Sun Oct 25, 2009 2:25 pm

Passed the OSWP challenge

Hello,

After studying the Offensive Security’s course, this Friday I passed OSWP exam. I will try to do a little review of both the course and the exam.

The course

I found the course to be very well done; it gives structured information about the subject in an understandable way. It has many videos that present various tools and attacks, and a pdf manual that completes the course.

The manual starts with almost 160 pages of theory covering various subjects: the IEEE 802.11 standard, discussion about wireless networks, and very in depth theory about packets, frames, how authentication and association takes places in different scenarios. The theoretical part ends with a discussion about hardware used: cards, adapters and antennas.

Being an offensive course it covers in depth the Aircrack suite (cca 155 pages), with very much emphasis on: airmon-ng, airodump-ng, aireplay-ng, packetforge-ng, aircrack-ng, airtun-ng, wesside-ng and easside-ng tools. Each module comes with detailed explanations, videos, labs and examples. There are many captured files that can be downloaded, and once opened in wireshark helps you a lot to understand the principles. The others tools from the suite are briefly discussed.

The next big part of the course (~80 pages) covers the attacks against the wireless networks. Here are also videos, examples and “to do” labs that helps the student to understand how to perform the attacks, and how to apply the tools already studied.

The last part of the course discusses in few pages the other tools that can be used in order to do wireless penetration and assessment: Kismet and John the Ripper. Here there are no labs to do.

In conclusion I found the course to be interesting, sometimes fun and I think I learned a lot from it. I would like to see some examples on using John the Ripper, and definitely I would like the course to cover other subjects like Bluetooth, using GPS and some other modern subjects. But, this course is what it pretends to be: and offensive wireless security course.


The exam

After studying the manual and doing a lot of practical exercises I found the exam medium as difficulty. I finished it in 1 ½ hours out of the 4 allocated hours. Without the course maybe I would find it more difficult.
It was an offensive exam, so practically you connect to a machine in their environment, and you are given the challenge to find the keys for different networks.
After the exam you have 24 hours to send them a document containing the keys you have found, and (more important in my opinion) to explain what have you done and how.

Conclusions

For those of you that are interested in this field I certainly recommend this certification. If you want to understand more about wireless networks and how to penetrate them go for the course + exam version. You’ll learn a lot, especially about how to crack a WEP network.

If you are low on money or you consider that you have enough knowledge on the subject go for the exam. At 80$ it is very affordable. Play with your router at home, try to crack all the access control combinations: WEP (with or without clients, open authentication, shared key authentication, hidden ESSID) and WPA PSK. If you can do this you’ll pass the exam.

This certification will give you a formal recognition of your skills and knowledge, and, also, will help the guys from Offensive Security to be better known in the industry, and will supply them the funds necessary to improve and develop their courses.

Best regards,

Lucian
CISSP ISSAP, CISM/A, GWAPT, GCIH, GREM, GMOB, OSWP
<<

Dark_Knight

User avatar

Sr. Member
Sr. Member

Posts: 294

Joined: Mon Aug 11, 2008 7:03 pm

Post Sun Oct 25, 2009 7:42 pm

Re: Passed the OSWP challenge

WOOOOTTTTT!!!! :) :) :) :)
Congratz
CEH, OSCP, GPEN, GWAPT, GCIA
http://sector876.blogspot.com
<<

morpheus063

User avatar

Sr. Member
Sr. Member

Posts: 393

Joined: Sun Jun 25, 2006 10:08 am

Location: Cochin - India

Post Sun Oct 25, 2009 8:23 pm

Re: Passed the OSWP challenge

Congratulations Alucian. Great work!!!!!

And all the best for your future studies and career. :)
Manu Zacharia
MVP (Enterprise Security), ISLA-2010 (ISC)², C|EH, C|HFI, CCNA, MCP,
Certified ISO 27001:2005 Lead Auditor

[b]There are 3 roads to spoil; women, gambling & hacking. The most pleasant with women, the quickest with gambling, but the surest is hacking - c0c0n
<<

KrisTeason

User avatar

Hero Member
Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Sun Oct 25, 2009 8:31 pm

Re: Passed the OSWP challenge

Good Review alucian, I haven't heard too much about this course but you described it well. I don't know how popular this cert is yet but I'm sure it'll grow and become more respected in the field. Congrats! 8)
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP
<<

Dark_Knight

User avatar

Sr. Member
Sr. Member

Posts: 294

Joined: Mon Aug 11, 2008 7:03 pm

Post Sun Oct 25, 2009 9:12 pm

Re: Passed the OSWP challenge

I started this sometime ago. I really need to finish it up.
CEH, OSCP, GPEN, GWAPT, GCIA
http://sector876.blogspot.com
<<

impelse

Hero Member
Hero Member

Posts: 585

Joined: Mon Feb 16, 2009 3:40 pm

Post Sun Oct 25, 2009 10:05 pm

Re: Passed the OSWP challenge

Congrats
CCNA, Security+, 70-290, 70-291
CCNA Security
Taking Hackingdojo training

Website: http://blog.thehost1.com/
<<

best.pal

Post Mon Oct 26, 2009 1:25 am

Re: Passed the OSWP challenge

I am happy to say that am a newbie and my first post goes with "congrats"....!!

Congrats alucian.....!!
<<

Xen

User avatar

Sr. Member
Sr. Member

Posts: 386

Joined: Tue Feb 03, 2009 3:59 am

Post Mon Oct 26, 2009 8:27 am

Re: Passed the OSWP challenge

Congrats! And nice little review of the course.
<<

alucian

User avatar

Full Member
Full Member

Posts: 228

Joined: Mon Dec 29, 2008 2:01 pm

Location: Montreal, Canada

Post Mon Oct 26, 2009 9:08 am

Re: Passed the OSWP challenge

Dark_Knight wrote:I started this sometime ago. I really need to finish it up.

Same for me. I took it in the idea that it won't be to difficult and I will do it during the summer. Then I had other priorities (renovations, move to the new house...) and I end in doing it just now.
Now, I will try it on the market, to see if it add value to my background.
I really enjoy doing it because is hands on. I am doing Heorot part1 now, and then ... don't know yet.

Good luck to you, too!
CISSP ISSAP, CISM/A, GWAPT, GCIH, GREM, GMOB, OSWP
<<

Ignatius

Jr. Member
Jr. Member

Posts: 91

Joined: Sun Mar 22, 2009 9:51 am

Post Mon Oct 26, 2009 12:43 pm

Re: Passed the OSWP challenge

alucian wrote:Now, I will try it on the market, to see if it add value to my background.

I'll be interested to know (in due course) if it makes you any more valuable to a potential employer.  Your post has made me decide what my Christmas present to me will be!
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Mon Oct 26, 2009 1:24 pm

Re: Passed the OSWP challenge

Thanks for the short review and congratulations. ;)
<<

alucian

User avatar

Full Member
Full Member

Posts: 228

Joined: Mon Dec 29, 2008 2:01 pm

Location: Montreal, Canada

Post Mon Oct 26, 2009 4:18 pm

Re: Passed the OSWP challenge

[/quote]
I'll be interested to know (in due course) if it makes you any more valuable to a potential employer.  Your post has made me decide what my Christmas present to me will be!
[/quote]

I looked at SANS GAWN certification. It appears to be mooore complex, but it is more expensive also (if you'll pay it from your pocket).
This one will open many doors, as there are less than 80 certified guys in the world, and it is a very difficult certification.

I don't think that OSWP alone will bring you a job, maybe for a huge company that has many locations and have to assess them, or as a consultant. I will try the former one, maybe combined with another pentest cert.
CISSP ISSAP, CISM/A, GWAPT, GCIH, GREM, GMOB, OSWP
<<

SecMan

Newbie
Newbie

Posts: 17

Joined: Thu Dec 25, 2008 8:57 am

Post Tue Oct 27, 2009 7:12 am

Re: Passed the OSWP challenge

The course is very nice.  The main con with the course is that it doesn't cover bluetooth, which the SANS course does.
<<

cr1p70

Newbie
Newbie

Posts: 1

Joined: Mon Apr 22, 2013 12:02 am

Post Mon Apr 22, 2013 12:07 am

Re: Passed the OSWP challenge

Passed OSWP Tonight  8:33pm started at 7:23pm hurray for me... ;D ;D ;D
CEH & PWB is on my target list will enjoy every bit as i did this thanks Offsec.
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1661

Joined: Mon Jan 29, 2007 2:59 pm

Post Mon Apr 22, 2013 6:29 am

Re: Passed the OSWP challenge

Congrats on the pass!
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
Next

Return to OSWP - Offensive Security Wireless Professional

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software