Offensive Security Certified Professional (OSCP)
Offensive Security
The Offensive Security Certified Professional (OSCP) is an ethical hacking certification offered by Offensive Security (OffSec) that teaches penetration testing methodologies and the use of tools included with the Kali Linux distribution.
The OSCP is a hands-on penetration testing certification, requiring holders to successfully attack and penetrate various live machines in a safe lab environment. It is considered more technical than other ethical hacking certifications, and is one of the few certifications that requires evidence of practical penetration testing skills.
About the Certification
The certification validates practical, hands-on skills in ethical hacking and penetration testing. Successful candidates demonstrate proficiency in:
- Identifying vulnerabilities
- Exploiting systems
- Escalating privileges
- Documenting findings in a real-world environment
The certification is relevant to roles such as penetration testers, security analysts, and consultants.
Exam Structure
- Duration: 23 hours and 45 minutes of hands-on hacking
- Report: 24-hour report submission window following the exam
- Format: Live lab environment with stand-alone machines and Active Directory sets
- Passing Score: Minimum of 70 points out of 100
You are required to write a professional report describing your exploitation process for each target, documenting all steps, commands issued, and console output.
Prerequisites
There are no formal educational or work experience prerequisites. However, OffSec recommends:
- Solid understanding of TCP/IP networking
- Reasonable Windows and Linux administration experience
- Familiarity with basic Bash or Python scripting
Industry Recognition
- In 2015, UK’s CREST began recognizing OSCP as equivalent to their intermediate level qualification CREST Registered Tester (CRT)
- Successful completion qualifies for 40 (ISC)² CPE credits
- The OSCP certification has no expiration date and is valid indefinitely