OSCP will now be proctored.

Mike7

EnderWiggin wrote: »

But what if I want to take the test naked? Do I now lose that benefit?

You get additional "Hack Naked" T-shirt from OffSec.

EnderWiggin

Mike7 wrote: »

You get additional "Hack Naked" T-shirt from OffSec.

Challenge accepted.

Sheiko37

LonerVamp wrote: »

Sheiko37 wrote: »

I'd also like to see the percentage of OSCP holders who are women, just putting that out there...

...and compare that against every other hacking/IT cert.

How about comparing it to other learning pathways, why does it have to be a certification? What is the goal, paying for acronyms on your email signature, or actually getting educated information security professionals?

Hands aren't going to be held terribly long in this profession.

You're describing a false dichotomy. There's more possibilities than either hand-holding or total abandonment.

LordQarlyn

Sheiko37 wrote: »

How about comparing it to other learning pathways, why does it have to be a certification? What is the goal, paying for acronyms on your email signature, or actually getting educated information security professionals?

I agree, it shouldn't always be about the certification. There are many ways to learn and not all of them are going to have a record of some kind. In fact if you get training, it should go on your CV or at least cover letter if it is relevant to the job you are applying for. I go as far as to say what you learn outside of getting certified is imperative for doing your job well, and passing interviews.

However, on the other side of the coin, most IT positions, even many entry level ones, want applicants with certifications. DoD contracting jobs, absolutely require them, very few waivers are given. I've seen companies, not going to mention any names, bring onboard people who were obvious **** certified, only because the company needed the body with certs to get the billable hours and the rest of the staff were pressured to intensely train those guys so at the least they could fumble through their jobs without doing too much damage. Keeping in mind, DoD IT jobs are not likely anytime soon be able to be done by H1B visa applicants, I can kind of sympathize a little bit from a management perspective. TL;DR, certs can open doors that otherwise wouldn't open if you didn't have them, even if the certification industrial complex is kind of like a racket.

So then, I like to have a balance of training for certs, because they are a real world, verifiable achievement of progress, and training that may not get you another alphabet soup to put at the end of your name, but can still help you improve professionally. Even self studying, which has little records of any kind, should be pursued.

Blucodex

A lot of crying over this. I don't see how this is a bad thing. It'd well documented that people were taking the test in groups and paying people to take it for them. Problem solved.

You don't want someone watching you take an exam? Then don't sit for it and definitely don't attempt online college.

Iristheangel

Mike7 wrote: »

You get additional "Hack Naked" T-shirt from OffSec.

I have one of these shirts...

datakan

meni0n wrote: »

I am aware of the slogan, I did pass the exam after all. I just expected to have at least the tools mentioned in the exercises to be working properly and not go hunt down fixes on the forums.

If you can't even figure out the pdf I highly doubt you have an OSCP.

meni0n

datakan wrote: »

If you can't even figure out the pdf I highly doubt you have an OSCP.

I can figure out the pdf just fine, I just didn't want to spend unnecessary time fixing things that should have been fixed for a course. I didn't have all the time in the world to spend doing the course and fixing things with a family and a full time job. Other than that, take what you think and shove that and your superiority complex up your behind.

ottucsak

The errata on the forums addressed most of the problems I faced during the lab exercises and I was using course materials from 2015. I'm not saying that it can't be better, but it doesn't require too much time to sort everything out. OSCP requires time and a lot of troubleshooting.

meni0n

ottucsak wrote: »

The errata on the forums addressed most of the problems I faced during the lab exercises and I was using course materials from 2015. I'm not saying that it can't be better, but it doesn't require too much time to sort everything out. OSCP requires time and a lot of troubleshooting.

Indeed, but it shouldn't take too long for them to fix the issues. It's a paid course, it shouldn't be up to the student to fix errors. If they know about them, they should just fix them. Also, I tried to do the exercises without any forum assistance and after a few hours of trying to figure out why something wasn't working, you go to the forum and there is a fix and it's a known issue. If it's been known for more than a few months, why not fix it instead of relying on a forum post. ​It just felt lazy.

Again, I'm not saying it was difficult. it's just the principle. If you're doing it, do it properly the first time and not provide a half ass method of a forum to fix issues you know exist in your course material.

ottucsak

I have to agree with you there. Some of the fundamental tools are broken in the current version of the official VM: Metasploit, msfvenom, enum4linux and everything that relies on the installed samba version, yet there haven't been an update in almost a year.

it's shitty, but I accepted that Offensive Security certs/courses are hyped because of it's difficulty, not because of the educational value.

datakan

meni0n wrote: »

I can figure out the pdf just fine, I just didn't want to spend unnecessary time fixing things that should have been fixed for a course. I didn't have all the time in the world to spend doing the course and fixing things with a family and a full time job. Other than that, take what you think and shove that and your superiority complex up your behind.

Complete BS. Its a handful of typos in a document that is impossible to keep up to date in a field that changes monthly. A huge part of the profession is correcting code and exploits, reading documentation that is out of date and figuring stuff out. You're lazy. I have a family and a job too. Its not f*cking hard. You're just being a baby. Man up and stop whining about it.

If you want spoon fed then go get a CEH or CISSP.

joneno

^^^^Dude it's not that serious calm down...be nice now.

meni0n

datakan wrote: »

Complete BS. Its a handful of typos in a document that is impossible to keep up to date in a field that changes monthly. A huge part of the profession is correcting code and exploits, reading documentation that is out of date and figuring stuff out. You're lazy. I have a family and a job too. Its not f*cking hard. You're just being a baby. Man up and stop whining about it.

If you want spoon fed then go get a CEH or CISSP.

Not sure what course material you were following but when I was doing mine, some tools for the exercises were not working at all. This is beyond a simple typo. I brought up a point a while ago and you reply just to insult me by insinuating I did not earn my OSCP and then you get angry and insult me again. I'm not the one that has to man up here. If you can't hold a conversation other than just to insult other people that don't hold the same opinion as yourself, maybe it's better to just keep it to yourself.