Passed Offensive Security Certified Expert (OSCE)

I wanted to take a moment and post about my experience with taking, and passing, the Offensive Security Cracking the Perimeter/OSCE course to add another few data points to the forum about my experience.

The Course

Some might argue that the course material is getting a bit dated, as a lot of the techniques are a bit older. I would still disagree with that after having taken the course. While it is true that a lot of the techniques learned/explored in the course are not cutting edge I was blown away at how relevant they still are. For example, I supplemented additional exercises in the course with attempting to locate zero days in "current" software and was amazed at just how many applications are still built for x86 without SafeSEH, DEP or ASLR being enabled on the libraries, etc. So while the course is a bit older I still found it very useful! Plus, I was actually able to find a few zero days in some older software that I am in the process of responsible disclosure on right now!

How I Prepared

OSCP: While this is not strictly required in order to pass the OSCE, I would still highly encourage going through it first. It absolutely gave me a leg up on several of the areas in the CTP.

SLAE: I absolutely can not stress enough how much this course helped me in preparing for the OSCE. If you are not already completely comfortable slinging custom shell code then truthfully, this is going to be the best money you can spend in preparing for this. I absolutely think taking this course is directly related to me passing on my first try. See my previous post about taking the SLAE here: http://www.techexams.net/forums/security-certifications/132948-passed-securitytube-linux-assembly-expert-slae.html

VulnServer: I fuzzed and broke vulnserver in every single way that I could think of, and the time that I spent on it was absolutely paid back to me ten fold, I highly recommend it. Here is a link to my GitHub for the vulnserver exercises/exploits if you would like additional information on it: https://github.com/securitychops/exploits/tree/master/vulnserver/windows/x86

Zero Days: I spent more hours than I care to tell you just sitting at my computer in a Windows XP SP3 Virtual Machine fuzzing older applications that I found on places like Tucows and MajorGeeks. In the end it was time well spent again, as each of those exploits/zero days taught me a world of information I otherwise would not have known!

Conclusion

Again, I am super excited to have passed this and would recommend it to anyone who has any interest in exploring more about exploit development!

My plan at the moment is to take a few weeks off and then roll directly into the x64 version of the SLAE: x86/64 Assembly and Shellcoding on Linux « SecurityTube Training

After the SLAE64 I can only hope to be lucky enough to figure out a way to go for the OSEE ... but that is a problem for another day!

Find more posts tagged with

Comments

TeKniques

Congratulations - there's some hope that Offensive Security will offer AWE/OSEE online soon. Good luck on your next adventure!

COBOL_DOS_ERA

Congrats!!!

CyberCop123

Nice! Well done.

Good post too, very informative. If I ever choose to do this I will definitely have to do some leg work first. Although I've done my OSCP I barely use it as my job doesn't involve it at all.

The SLAE sounds really good and very beneficial

LonerVamp

Congrats, and thank you for the post! Some really good information in here!

averageguy72

Congrats!

MitM

congratulations!

kurtkobaindt

congrats...nice journey

u1tras

Congrats! You have done a great job! Respect for Zero Days!

securitychops

@TeKniques: Thanks and I like the sound of that rumor since it being online would make it much simpler to get it done for sure!

Thanks everyone for the positive feedback, if anyone reading is on the fence and can already get through Offensive Security Online Security Training Challenge without any help then go for it!

chrisone

woah! that is epic! congrats man! ottosack and myself are right behind you!