I have planned to take the Offensive Security Certified Professional (OSCP) exam for a while but never received the opportunity. As a current international student, it is not easy to meet various criteria and principles within America. I think having a special part to play comes from the encouragement of family and others that positively motivate you. Before I go on to talk about the Offensive Security PWK OSCP challenge, I think it is worth stating that I did have some prior history with Cybersecurity. More specifically, I have been doing Hack the Box (HTB) targets for a while. I say this because this is an incredible resource that will help along the journey. A little after Tryhackme was developed. If you are like me and love taking on challenges, you will find yourself going back to these sites quite often. Special mention to Cyberseclabs, Vulnhub & PWK Proving Grounds.

Take it from me, I had no intention of doing the exam because I thought it was extremely costly, and I have not been a certification fan (Although I hold Sec+ and CEH at the time), but I enjoy seeing others succeed, especially being an ambassador to the growth of technology. I synced up at a meetup with the Cyber Security Journey group that talked solely about Cyber Security and met some incredible people with different backgrounds motivated towards security. A few days later, a discussion was raised with a study path towards taking the Offsec PWK OSCP certification in 6 months. I didn’t realize what I signed up for until it was a little too late because right after I signed up, we needed to commit at least 4 hours to do security challenges. The most valuable lesson learned, in my opinion, was to document everything as well as you can! Years ago, documentation was not as hyped as long as you can prove the end goal while doing challenges. Even with doing HTB, the object is to get in and obtain the flag.

Today there is plenty of value in documenting and recreating the steps. This skill comes to an important part as you would want to get comfortable with a note-taking application—many such as OneNote, Cherrytree, or my favorite Joplin. Additionally, creating documents helps with my awful English and puts you in the frame of mind for drafting the report as the final end-product of the Offsec PWK OSCP challenge. Utilize screenshots as you go along in doing the challenge (print-screen is your friend). Pictures help even if you do not speak English very well and visually allow others to understand. It is perhaps the most important part of the challenge! I encourage you to practice delivering writeups and reports and have others provide feedback. You can never have too much information in the report, but you can have too little, reducing your chances of passing. There are tons of resources (perhaps too much!). My advice is to set a realistic and effective schedule ON PAPER and stick to it!

Every week we would rotate study partners and expect to reach a specific chapter in the lab manual. I know everyone used a slightly different strategy, and the study group helped by allowing everyone to move at a pace that both help push one another and challenge us to come out of our comfort zones and try new things. Although the manual challenges are meant to help reinforce the material in the chapter, I opted not to do it in the essence of time (probably a mistake for me). Some areas are heavier than others, but in my opinion, I loved taking on the 90-day PWK labs a bit more and ended up completing all except for two. After talking with the group, you will find that some are easier than others and I often missed something while doing recon. I could not believe the two targets I did not have time complete were that simple to solve. I aimed at completing two lab challenges per day and at least one target on another platform. I took notes and recorded the time spent. I also tried to complete as much as possible within the 4 hours minimum without causing too much damage to my family. Along the way, you will meet new friends who really love this art, lots of rabbit holes, and you will end up losing a portion of your family time/life, especially if you are like me, working a full-time job as well as school. In the end, do not give up and do not be afraid to ask for more and more help. 

I failed my exam the first time badly. However, a month later, I attempted the exam a second time and after submitting the report, I passed. It is important to schedule your exam early to get the right time and spot you want. On a Friday evening, I took mine and used the full 24 hours, capitalizing on breaks and sleep. Then took some rest (> 8 hours) and submitted the report about 4 hours on waking up. The exam is strategically constructed to challenge all the material Offensive Security puts together, starting from the moment you first download a copy of Kali Linux to delivering a comprehensive report. A day later received notification that I passed the exam.

Yes, it is passable! I felt like it is an immersive, practical, and challenging experience. The experience will question your commitment to the field of pentesting. If you are really passionate about Cybersecurity, the PWK OSCP sets a strong standard in Cybersecurity and pentesting.