About

An OSCP, by definition, is able to identify existing vulnerabilities and execute organized attacks in a controlled and focused manner, write simple Bash or Python scripts, modify existing exploit code to their advantage, perform network pivoting and data ex-filtration, and compromise poorly written PHP web applications.

Offensive Security Certified Professional is an ethical hacking certification offered by Offensive Security company that teaches penetration testing methodologies and the use of the tools included with the Kali Linux distribution (successor of BackTrack). The OSCP is a hands-on penetration testing certification, requiring holders to successfully attack and penetrate various live machines in a safe lab environment. It is considered more technical than other ethical hacking certifications, and is one of the few certifications that requires evidence of practical penetration testing skills.

Audience profile

• Infosec professionals transitioning into penetration testing
• Pentesters seeking an industry-leading certification
• Security professionals
• Network administrators
• Other technology professionals

The course leading up to the OSCP certification was first offered in 2006 under the name "Offensive Security 101". Students expecting a 101 course were not prepared for the level of effort the course requires, so the name was changed to "Pentesting With BackTrack" in December 2008, and again to "Penetration Testing With Kali Linux" when the BackTrack distribution was rebuilt as Kali.

The course covers common attack vectors used during penetration tests and audit.

Topic Exercises:

• Getting Comfortable with Kali Linux
• Command Line Fun
• Practical Tools
• Bash Scripting
• Passive Information Gathering
• Web Application Attacks
• Locating Public Exploits
• Fixing Exploits
• Privilege Escalation
• Vulnerability Scanning

Prerequisites

• A solid understanding of TCP/IP,
• networking,
• and reasonable Linux skills are required.

This course and online lab prepares you for the OSCP certification:

• 24-hour exam
• Proctored
• Learn more about the exam

OSCP holders can:

• Use multiple information gathering techniques to identify and enumerate targets running various operating systems and services.
• Write basic scripts and tools to aid in the penetration testing process.
• Analyze, correct, modify, cross-compile, and port public exploit code.
• Successfully conduct both remote and client side attacks.
• Identify and exploit XSS, SQL injection, and file inclusion vulnerabilities in web applications.
• Deploy tunneling techniques to bypass firewalls.
• Demonstrate creative problem solving and lateral thinking.