Offensive Security Certified Expert

  2015-07-06


Intro

Try Harder! Today I finally received my OSCE certificate in the mail. So, I thought I could share my past experience in a few sentences.

Exercises

Most of the exercises cover exploit development. Web security and network attacks complete the picture. One of my favourite topics was AV evasion.

Everything is documented quite well and easy to follow. Even though the course material is covered with dust, it provides a good introduction. These basics still apply today. OSCE is an intermediate course. Consequently, current protection mechanisms, e.g., ASLR, might be too much to cover.

Exam Preparation

During the exercises I simply had to follow the instructions provided in the manual. I felt that this would not be enough to pass the exam. I wanted to get more familiar with the whole process of exploit development.

For some exploits the vulnerable binary can be downloaded from exploit-db. These provide an excellent practice playground. Additionally, the exploit-exercises with Protostar provide another magnificent learning experience. They helped me get more familiar with the different exploitation techniques. Protostar covers stack overflows, heap overflows, and also format string attacks. Furthermore, the tutorials of FuzzySecurity 2.0 proved quite worthwhile. The Corelan exploitation series also provides excellent material for exploit development. All these resources provide quite some material. After a lot of exercise I finally had the guts to schedule my exam.

The Exam

For the exam you have to prove your skills in 48 hours. In an additional 24 hours you have to hand in the documentation. The topics of the exam are quite obvious after completing the exercises.

Unfortunately, I did not pass the exam on the first try. The first few targets fell quite fast. Yet, I had a tough time of it with the last target. I was lacking creative ideas to obtain enough points to pass. Yet, I tried harder and after some months had the time to retake the exam. This time I did pass.

Conclusion

The Offensive Security Certified Expert certification was quite a challenge. A challenge that is really worth blood, sweat and tears. If you think about doing a medium certification in information security, Cracking the Perimeter is definitely the right choice. I will Try Harder!

Try Harder!

Resources