Review of Offensive Security - Penetration Testing with Kali linux
Back in 2014 I started reading about Offensive Security flagship course PWK and companion exam OSCP.
The certification was like a watershed, or at least I felt that way. Not between pro and beginner, more like between who Suffered, felt Pain, and saw Ghost (pun intended)and the others.
Reviews was very good and talking with people forced me to start the journey.
The course covers all the basic for penetration testing, from scanning to writing (very) simple exploit. It’s a base one, don’t expect to be “production ready” after this.
Given I’m writing this review a bit late (it’s mid 2020) and recently PWKv2 came out, I feel it doesn’t make sense to write a full review here, so I will just give you my view on this.
Time changes, and OSCP is not groundbreaking anymore. Talking with people, I still feel their sufferance (pun intended again), but we have other places where we can feel even more pain (HTB anyone?).
What’s still true is that the lab has the same quality: historical boxes are present, but offsec staff work to add new boxes from time to time.
And if you take your time to pop all the boxes you can be quite sure you will pop a lot of boxes in real life.
It’s still true that, based on my experience on tenders, OSCP is one of the most requested certification.
The exam, as you should already know, is the part I prefer: 24hrs of full immersion to pop some boxes, and the same time to write a detailed and professional report.
You can find some resources online with a list of boxes similar to PWK/OSCP ones, for example at HackTheBox, or VulnHub, or VirtualHackingLab, so I’m not giving you any list. My advice is to register to one of these platforms and try to pwn medium/hard boxes, that will be more than enough.
I’m quite sure I would suggest PWK to all newcomers and junior in 2020, not because it makes you a real pro (you have to start developing your own method, but it will not be enough) but because of the lab and the exam.
They’ll have more issue by handling the exam itself than every other course step, and this will make them tougher.
After that, they’re ready to get their bones broken again :)