In today’s post we are going to talk about one of the most recognised certifications in the world of cybersecurity information. OSCP is an Offensive Security certification for professionals.
Today’s article offers interviews we have done to our ODS professionals who recently obtained the offensive Security Certified Professional (OSCP) certification. Gonzalo García y Efrén Díaz tell us firsthand how their experience has been and give us some advice for all those who are considering certification.
To carry out the OSCP certification what previous knowledge do you think are essential and / or necessary?
G. It is a difficult and hard certification. Certainly, from an administrative point it is necessary to have a deep knowledge about the operation of the Linux and Windows operating systems, how the permissions work in each operating system, the file system, etc.
On the other hand, it is necessary to have at least a basic knowledge about web vulnerabilities, since a significant amount of services are exploited via web during the laboratory.
Other knowledge that helps during the work in the laboratory and the exam are: knowledge about database utilisation such as exploit-db and knowledge of compiling binaries for Linux.
What are the certification tests? What kind of tests are they?
G. The OSCP certification is composed of a lab testing, accompanied by a course, called “PWK” (Pentesting With Kali) in which are mentioned the basic concepts necessary to begin to understand the pentesting process using the Kali Linux distribution.
The laboratory is composed of a series of machines, mostly server type. The objective is to be able to vulnerate these machines and achieve the maximum privilege in each of them, using different techniques and exploiting different services.
E. It should also be noted that the laboratory simulates a business network with some sub networks, to which you will not have access at first, and for this you will need to previously compromise some machines.
Another characteristic to keep in mind, is that, as when entering the business network, an important factor is the data relation between machines. Sometimes certain details such as user names or others that you find in a machine after hacking it, may be useful in the rest or even necessary to be able to commit them.
What difficulties have you encountered when conducting the tests?
G. One of the biggest difficulties in making a laboratory like OSCP is the organisation of time, especially when you have to combine it with work. On the other hand, hack some machines in the laboratory is especially complex, since it is to chain several small vulnerabilities to get maximum privilege in the machine.
E. Another factor that must be highlighted is the existence of rabbit holes in many machines. These false clues in which you can waste a lot of time thinking that in them you will find the way to compromise the machine, and after hours of frustration you will realize that it was something else, even after having previously seen it without becoming aware.
How was your experience with a tech lab?
G. Very good, sometimes frustrating, but in general very good.
From your point of view, what benefits does the certification offer?
G. For me, one of the main values taught by the certification is the well known “Try harder” or “keep trying”. In many occasions, during a pentesting exercise, the objective may seem invulnerable, however, it is a matter of perseverance, of organising information well and continuing to test ideas and techniques, until finding the key.
On the other hand, from an organisational point of view, OSCP teaches you how to correctly organize the pentesting process, from the recognition of services in the machine, through the exploitation of vulnerabilities to the elevation of privileges in the system.
E. Before starting with the certification your knowledges will always be more solid in the fields or types of technologies that you have worked or found before. However, when you arrive at the tech lab you will have to face understanding and analysing new types of systems, protocols or characteristics that you have not seen before, which will provide you with a series of very important knowledge, and will help you to strengthen and expand your field of knowledge.
How much time of dedication does certification require?
G. The certification offers three plans that differ by the time of access to the tech laboratory. There are options of one, two or three months of access to the laboratory. Once the selected time has ended, it is possible to extend the tech lab time for a slightly lower price or to take the exam. The more lab time you have, the less time you will have to devote daily, based on your knowledge. The normal thing is to dedicate about 8 hours a week to the laboratory for an experienced person. An inexperienced person can dedicate between 3 and 4 hours per day, that is, on average about 17-18 hours per week.
E. Regarding the time to be selected for the lab, for someone who does not have many years of experience in the cybersecurity sector, it would be advisable to select the option of 3 months of lab dedicating a series of hours per day.
If you are one of those who have already worked in this field and believe you have a robust knowledge in all fields of this sector, and, in addition, you can dedicate a few hours a day to the laboratory, you could select the option of two months. In my opinion, the one-month option would be recommended to those who have solid knowledge in all its parts and enough time for the laboratory.
Once obtained the certification, does it require renewal? Does it expire?
G & E. No, once obtained, it does not require renewal.
Why do you consider that this certification is different from other certifications?
G. OSCP is an eminently practical certification, It is only passed if you have the necessary knowledge, if not, you will most likely suspend. The “luck” factor plays a secondary role.
E. Since the end of 2018 it is one of the few certifications that at the time of taking the exam require you to have control of your webcam and screen monitor to ensure you are the one who take the exam and do not have any kind of external help.
What recommendations would you give to people who want to be certified in OSCP?
G. If you do not have any experience in pentesting, be patient and be trained, it is important to reach OSCP certification with a minimum base. On the contrary, if they already have experience, that they embark on an adventure, even without obtaining certification, the lab experience is very valuable from a professional and personal point of view.
E. I recommend taking advantage of environments such as “Hack the box” and “Vulnhub” to all those who want to be certified. They offer a series of machines, many of them with characteristics similar to the OSCP lab, to be able to practice and thus reach a more solid base.
Definitely the OSCP certification is one of the most outstanding at present. At ODS, 2 of our professionals are already certified and another colleague is in the process of completing the certification.
It is important to highlight that the OSCP certification adds an incalculable value to the development of a business, since having certified people offers greater knowledge, control, preparation and agility in the answers.
From ODS we offer training based on preparation courses for all those interested in obtaining the OSCP certificate. Our team of certified experts will guide you throughout the preparation process for the test, providing you with the necessary support and knowledge to obtain the OSCP certification successfully.