OSCP - How many months did it take?

010101

I'm a long time lurker, first time poster.

I'm curious for those who've passed the Offensive Security OSCP certification, how many months did you spend studying for it?
I know there's a million variables in terms of a-priori knowledge of hacking, but still curious if there's a rough average that it takes.

I just finished my CISSP which took me around 13 months. I'm hoping the OSCP won't take that long.....



.

Bodanel

I'm also interested in this. Pleas fellow OSCP's share with us how log did it take.

jasong318

I took the 60 day option and ended up extending for another 15 days. I really didn't due any prep before, but spent about 3 weeks before I took the exam (the first time) going against vulnerable VM's. In between the first and second exam attempt was about two weeks, I spent that time working on buffer overflows.

ehnde

A coworker signed up for 1 month and didn't complete it. He could have completed if he did the 60 day....

Other than that, he said that you need to understand bash, python, and some assembler would help.

YuckTheFankees

If you are new to pentesting, I would get 90 days. I know 15+ people who have taken it, the more lab days you can get, the better.

lsud00d

How extensive is the python? I'm fairly versed on bash and have been looking into python but am still running through tutorials.

YuckTheFankees

If you can read and understand Python, you should be fine...because you'll need to be able to read an exploit and modify it to fit the system you are going after. Knowing how to write basic python scripts will help automate a lot of recon work, which in turn will save you a bunch of time!

webgeek

YuckTheFankees wrote: »

Knowing how to write basic python scripts will help automate a lot of recon work, which in turn will save you a bunch of time!

Thanks for the tip! Going to take a python class before jumping into OSCP.

the_hutch

In my opinion, modifying the perl and python scripts are pretty straight forward. Its compiling the exploits written in C that get kinda messy. The question of how long it takes really depends on how much time you have to dedicate. With a lot of other things going on...I'm truckin through it pretty slow. I did the 90 days option and I already know I'm going to have to extend. Fortunately, the lab fees are reasonable (and I work on a miserably low enlisted military salary).

impelse

the_hutch wrote: »

In my opinion, modifying the perl and python scripts are pretty straight forward. Its compiling the exploits written in C that get kinda messy. The question of how long it takes really depends on how much time you have to dedicate.

This is true, compiling in C and make it work is the most difficult part for this training.

r0ckm4n

010101 wrote: »

I'm a long time lurker, first time poster.

I'm curious for those who've passed the Offensive Security OSCP certification, how many months did you spend studying for it?
I know there's a million variables in terms of a-priori knowledge of hacking, but still curious if there's a rough average that it takes.

I just finished my CISSP which took me around 13 months. I'm hoping the OSCP won't take that long.....



.

It's a great course and a tough exam. I studied for the CISSP for 3 months, but the OSCP has taken longer. I have been working on it seriously for 6 months. Prior to that I wasn't getting enough time in on the course.

Master Of Puppets

This kinda makes me wonder how much time OSCE takes

docrice

It's a dream of mine to take PWB one day but it's such a major time commitment, one that I can't easily make anymore due to a demanding work schedule. I envy the rest of you who are going through it.

r0ckm4n

docrice wrote: »

It's a dream of mine to take PWB one day but it's such a major time commitment, one that I can't easily make anymore due to a demanding work schedule. I envy the rest of you who are going through it.

It took me two to three years to finally take PWB, it is definitely worth it.

the_hutch

Just scheduled my exam for June 22nd!!! Two weeks from now

r0ckm4n

the_hutch wrote: »

Just scheduled my exam for June 22nd!!! Two weeks from now

Good luck! I am taking it that same day.

YuckTheFankees

Good luck to the both of you!

r0ckm4n

YuckTheFankees wrote: »

Good luck to the both of you!

Thanks!

ipchain

Hey, wait a second...you two are not taking it together, are you?

Just kidding, good luck to both of you.

dmoore44

Best of luck to the both of you - we'll be waiting to hear your non-NDA violating thoughts afterwards!

Master Of Puppets

Good luck, have a blast!

the_hutch

Haha...to be honest, I'm considering this a trial run-through. While I intend to have my documentation ready (in case I do pass), I really just want to lift the veil over all of the mystery surrounding this test. I want to experience it for myself. Then I'll probably take another month or so to prepare (knowing better what I'm preparing for). Then I'll take it again. Good luck r0ckm4n

r0ckm4n

Thanks, guys! This has been a great course, but I am ready to pass the exam.

Justin, I think you will do well on the exam.

the_hutch

Just popped my first box outside the public servers. Working my way through the IT dept now. Pivoting is seriously a pain in the ass. Everything takes like 10x as long :-/... From what I've heard, no pivoting on the exam, but I guess I'll see.

Master Of Puppets

the_hutch wrote: »

Haha...to be honest, I'm considering this a trial run-through. While I intend to have my documentation ready (in case I do pass), I really just want to lift the veil over all of the mystery surrounding this test. I want to experience it for myself. Then I'll probably take another month or so to prepare (knowing better what I'm preparing for). Then I'll take it again. Good luck r0ckm4n

Not a bad idea at all, IMO. I've been thinking of doing that just so that I can see what the exams is like. Also, I'm quite curios to see how well I can do without preparing, with just the skills I have now. The thing is that the plan is to complete my Cisco certs(which is a lot) and get into the OSCP after that.

the_hutch

HUGE CONGRATULATIONS to r0ckm4n for clearing the OSCP challenge this weekend!!! Good job man...I know you've put a lot of time into this thing, so very much deserved

Killj0y

Congrats r0ckm4n!! You have definitely put a lot of time and effort into the course. Congrats again! What is next?

r0ckm4n

the_hutch wrote: »

HUGE CONGRATULATIONS to r0ckm4n for clearing the OSCP challenge this weekend!!! Good job man...I know you've put a lot of time into this thing, so very much deserved

Thanks, Justin! It was a very tough and very educational experience. It felt great to pass and this is my most coveted cert.

Now it's your turn! I look forward to your good news.

r0ckm4n

Killj0y wrote: »

Congrats r0ckm4n!! You have definitely put a lot of time and effort into the course. Congrats again! What is next?

Thanks, Killj0y! The old saying goes "you get out of something what you put into it". I got a lot more. A very great experience and I highly recommend this course. The lack of help you get from Offsec definitely forces you to learn.

I purchased eLearnSecurity's Web App Pen Testing course recently since it was on sale during their course launch program, I will start on that as well as the SecurityTube Python Scripting Expert course. I would like to take the OSCE course, but I have some work to do to be at the level to start that course. Maybe I will be ready sometime next year. I am very strongly considering getting a 4 year degree. I have an associates, but I feel like a computer science degree will fill in the gaps in my knowledge and help me be a better pentester, especially on the application side.

Master Of Puppets

r0ckm4n wrote: »

I would like to take the OSCE course, but I have some work to do to be at the level to start that course. Maybe I will be ready sometime next year.

This will be epic! Also I think the idea about a degree is a good one.

r0ckm4n

Master Of Puppets wrote: »

This will be epic! Also I think the idea about a degree is a good one.

Not having a 4 year degree is the only thing that would hold me back. I have experience, certs and an associates degree.