Offensive Security - CTP Retired, NEW OSCE, 2 New courses

chrisone

I missed the news last week on this one. But here it is.

In summary:

• October 15, 2020 will be the last day students may register for CTP.
• Students who hold an OSCE will continue to be OSCEs – we are not taking away your certification or requiring you to recertify.
• Two new courses will be released over the end of 2020 and the beginning of 2021, each with their own certifications.
• These two certs, plus the OSWE certification gained from Advanced Web Attacks and Exploitation, will comprise a new, updated OSCE certification.

Following that release, we started focusing on the remaining two areas:

• A new course that focuses exclusively on Windows userland exploit development
• A second new course that focuses on more advanced and modern pentesting techniques that cover AV avoidance, lateral movements, and so on

First course to be released will be the Advanced Pentesting course in a few months.
You will require all 3 courses to obtain OSCE, a new, updated OSCE certification will be created (with a revised certification name).

Elitis

Was starting to wonder when you'd post this. I think the OffSec fanbase (or at least the ones on the forums and reddit page) turned me off from Offensive Security, but I'm genuinely excited for the "Advanced Pentesting" course. It sounds like a red teaming course to me. I think at some point in the near future, I'll look at taking the other 2 courses as well for that brand new OSCE cert. 

yoba222

One thing I noticed is that OSCP doesn't seem to be a prereq at all for diving into the newer three to gain OSCE.

chrisone

@Elitis - Agreed the Advanced Pentesting course (although late to the red team cert field) does look like a Red Team course. We will be able to compare the syllabus to Pentester Academy, eLearnSecurity, and Zero Point Security. 

@yoba222 - True, I don't see any enforced pre-reqs. However I am sure they will recommend anyone to have OSCP skill level as a pre-req. 

I will be looking at the advanced pentester course and the exploit course for 2021. Then OSWE for 2022. 

Elitis

I'm excited to see how it compares to the other established red team courses. Even more excited to see the labs. It'll probably be a 2021 purchase for me as well.

yoba222

I had anticipated going down the eLearn route right about this point in my career. Between the new OSCP, the new AWAE, and now the other two courses, I'm heading towards an all Offensive Security training route over the next 1-2 years more and more.

Elitis

So the course names may have been revealed on the FAQ page: 

However, we are retiring the existing OSCE certification and introducing a new certification which can be earned by completing the three aforementioned courses: Advanced Web Attacks and Exploitation, Evasion Techniques and Breaching Defenses, and Windows User Mode Exploit Development.

chrisone

@Elitis , Yeah that seems to be the case. Although "Windows user mode exploit development" seems a little weird but I guess its a reference to attacking applications from user mode which is to be expected. 


@yoba222 , It all depends on your goals. Are you doing nothing but offensive job duties? then your offsec cert journey is a great one. Do you primarily do blue team? then elearnsecurity is the better choice. I can tell you the IHRP and the THPv2 courses are very well done. The THPv2 I am just finishing up and it was an amazing course! Those two courses alone have done more for my BlueTeam skill-set/career than ecppt or oscp. 

In any case, the red team courses will always help you out if you are a blue teamer. 

Also to add here, we are yet to see the syllabus for offsec's red team course, in order to compare it to ptxv2/pentester academy/Rasta/etc. eLearn's PTX still may be a better course....you never know. 

yoba222

chrisone said:

@yoba222 , It all depends on your goals. Are you doing nothing but offensive job duties? then your offsec cert journey is a great one. Do you primarily do blue team? then elearnsecurity is the better choice. . .

I usually get stuck on one of the longer-term clients doing blue team type things. and then pentests/web app assessments like 2-3 times per year. Though next week I'm on  a pentest. I think if I want to break away from the blue team client work, I need to up my game on the red team side and demonstrate this when I do get red team work.

chrisone said:

. . . I can tell you the IHRP and the THPv2 courses are very well done. The THPv2 I am just finishing up and it was an amazing course! Those two courses alone have done more for my BlueTeam skill-set/career than ecppt or oscp. . . .

Really? Interesting. I really do prefer eLearns pay by the hour sort of structure compared to OffSec's pay by the day.

JoJoCal19

chrisone said:

Also to add here, we are yet to see the syllabus for offsec's red team course, in order to compare it to ptxv2/pentester academy/Rasta/etc. eLearn's PTX still may be a better course....you never know. 

I actually would have thought there could be a chance of that being the case before, however since OffSec hired true leadership and has been acting more corporate/professional (website redesign, course redesign and improvements (see AWAE relaunch plus the quick v2 improvement, OSCP), VulnHub acquisition, improved marketing, improved customer service), I don't think that will be the case. I decided to pay for the PWK upgrade and holy crap, what an absolute improvement. THAT is what PWK should have been all these years. I have a feeling that the new courses are going to blow everyone's expectations away.

Having said all that, I am tempted to purchase the existing CTP course to lock myself into the single course route. But then again I feel that the new courses will be so much more improved like how they did PWK.

Also, @chrisone   damn man, you're killing it this year. On an absolute tear through those certs. Much props. I've been on the struggle bus. Covid crap and the kids being home since March, plus learning new job, it's been hard. I've only done the OCI Foundations cert this year  

chrisone

@JoJoCal19 , l hope the course\exam is really up their in expertise. I agree with you, their new management is very impressive! I have high hopes. By the time I tackle that "Evasion Techniques and Breaching Defenses" I would have 2 and 1/2 years of red team course\cert experience (SpecterOps Adversary Tactics Red Team, CRTP, PTXv2). My plan is to only buy the 30 day lab and hopefully pass within that timeframe, well see. 

Man I totally get it with COVID and kids being home. I know its hard. I dont have kids yet but I am recently married and we plan on starting to have kids end of 2021.  

I had a very productive year, filled with wins and losses. Pretty much been an everyday study for certs. I am getting tired don't get me wrong. I am also targeting 2021 to be my last year for certs. I plan to do the offsec "evasion and breaching defenses" (by Feb) and the "user mode exploit" course by (Summer) for 2021. I should have time to start OSWE around August/September 2021. Most likely I wont be able to finish the last cert until first quarter of 2022 which is ok. I see myself spending 5-6 months on each the user mode exploit & OSWE certs respectively. But I think I am calling it quits after I get that new OSCE. 

After 2 years of a break, I may look at only 1 cert, a CISSP-ISSAP , SABSA, or some ISACA cert sometime in 2024 just for a more seniority look to my resume. I may be looking at more of an Architect role around that time. But I may just stick with my cert retirement after getting the new OSCE lol

PS. Impostor Syndrome is a serious thing lol 

Elitis

Looks like the advanced pentesting course has been announced: https://www.offensive-security.com/pen300-osep/

Evasion Techniques and Breaching Defenses (PEN-300) is an advanced penetration testing course. It builds on the knowledge and techniques taught in Penetration Testing with Kali Linux, teaching students to perform advanced penetration tests against mature organizations with an established security function.

As a general rule, it will not specifically deal with the act of evading a blue team but rather focus on bypassing security mechanisms that are designed to block attacks.

This makes it sound like it's not a red teaming course, but then it goes on to say

Students will learn how to:

• Bypass defenses
• Perform advanced attacks while avoiding detection
• Compromise systems configured with security in mind

So, maybe a step under PTX, CRTP, CRTO. Guess time will tell. I've still got PTX to get through and I want to eventually go through Security Blue Team's BTL1, so maybe I'll look into doing this one next year some time. Anyone else going to be taking it?

chrisone

I just saw the email a few minutes ago. The syllabus tells a different story. The course looks loaded with red team activities and evasion techniques.

https://www.offensive-security.com/documentation/PEN300-Syllabus.pdf

• Operating System and Programming Theory
• Client Side Code Execution With Office
• Client Side Code Execution With Jscript
• Process Injection and Migration
• Introduction to Antivirus Evasion
• Advanced Antivirus Evasion
• Application Whitelisting
• Bypassing Network Filters
• Linux Post-Exploitation
• Kiosk Breakouts
• Windows Credentials
• Windows Lateral Movement
• Linux Lateral Movement
• Microsoft SQL Attacks
• Active Directory Exploitation

It looks like a very solid course with evasion and red team engagement. Price is not bad. 

PEN-300 course + 60 days lab access + OSEP exam certification fee	$1299
PEN-300 course + 90 days lab access + OSEP exam certification fee	$1499

My first initial thoughts, I feel impressed and if I had the money I would take it in 2021. I don't have any monies right now, still finishing THPv2 and PTXv2. Looking to do some heavy Azure & O365 skill development in 2021 as well. I like the course a lot I just don't really do much red teaming for my day to day. It will be really tough to get this course into my schedule for 2021. Time will tell and schedules always change. 

Edit: Looks like Offsec leaked the next course on twitter.

"Windows Usermode Exploit Development (EXP-301) is coming in early 2021. That's all we can share for now." OSED