Friday, December 23, 2016

Passed OSCP exam

I have known about Offensive Security for a while. My first certificate was Offensive Security Wireless Professional (OSWP) ( I got this when I was in high school (2010). I used to hang around on Freenode IRC and OSWP was recommended to me. I was familiar with Linux and I had used Backtrack so I thought I might as well get the cert. Also, I had to have a senior project presentation so I ended up talking about security and me getting OSWP cert.

I recently passed Offensive Security Certified Professional (OSCP) ( exam. This course was fun and challenging. There is a lot of focus on information gathering, enumeration, and post-exploitation. Also, you are taught to not rely on one tool too much. For example, in the exam, you can only use Metasploit on one of the targets. In course, you also learn to modify and fix existing exploits, this comes in handy during the exam.

When you register for OSCP, you receive your training materials and lab access information. Training material is for you to learn things and lab is where you can try things out. When I started doing the labs, I took the easy way out and used Metasploit a lot. Although, I did go back and do some of the labs again without using Metasploit.

If you plan to sign up for this, make sure you can dedicate time to it.
Know the basics of networking, Linux, and Linux command line.
Be strong. Some of the machines in the lab will make you cry.
Take good notes and document everything!
If you can, see if anyone on /r/netsecstudents is doing OSCP and maybe work with them. I was working alone and sometimes I lost motivation to do the labs. Maybe having a partner will keep you in line and motivated.
Read the reviews and tips posted by other blogs. I've provided links at the bottom. Other posts provide you with more information this post.

Prepare your tools and scripts before you start the exam. I recommend starting exam early in the morning. I took it twice. First time, I started at 5PM and started to get tired at around 11PM. Second time, I woke up at 4AM and started the exam.

I was able to do this thanks to BSidesIndy ( and Offensive Security. I won the training as a prize at BSidesIndy.

If you are thinking about focusing on pentesting, I highly recommend OSCP. I would love to do OSCE ( too when I get more time to dedicate to it.

Better blog posts:


  1. Hello Everyone !

    USA Fresh & Verified SSN Leads along with Driving License/ ID Number, AVAILABLE with 99.9% connectivity
    All Leads have genuine & valid information.

    First Name | Last Name | SSN | Dob | Driving License Number | Address | City | State | Zip | Phone Number | Account Number | Payday | Bank Name | Employee Details | IP Address

    *Price for SSN lead $2
    *You can ask for sample before any deal
    *If anyone buy in bulk, we can negotiate
    *Sampling is just for serious buyers

    ->$5 PER EACH

    ->Hope for the long term Business
    ->Interested buyers will be welcome

    **Contact 24/7**
    Whatsapp > +923172721122
    Email >
    Telegram > @leadsupplier
    ICQ > 752822040

    1. Hello all
      am looking few years that some guys comes into the market
      they called themselves hacker, carder or spammer they rip the
      peoples with different ways and it’s a badly impact to real hacker
      now situation is that peoples doesn’t believe that real hackers and carder scammer exists.
      Anyone want to make deal with me any type am available but first
      I‘ll show the proof that am real then make a deal like

      Available Services

      ..Wire Bank Transfer all over the world

      ..Western Union Transfer all over the world

      ..Credit Cards (USA, UK, AUS, CAN, NZ)

      ..School Grade upgrade / remove Records

      ..Spamming Tool

      ..keyloggers / rats

      ..Social Media recovery

      .. Teaching Hacking / spamming / carding (1/2 hours course)

      discount for re-seller

      Contact: 24/7