In my free time, I enjoy challenging myself to earn professional certifications for fun. Below are a few that I have earned.
The Offensive Security Certified Professional (OSCP) is an introductory penetration testing certification. It is considered the gold-standard for junior penetration testers. Students who wish to earn their OSCP must pass a 24-hour, hands on, proctored exam. I passed the OSCP back in September 2019 and greatly enjoyed the experience.
Upon completing the course, students will be able to conduct network reconnaissance, conduct vulnerability scanning, modify exploit code, and escalate privileges. Moreover, the course briefly teaches students how to exploit basic buffer overflows to obtain a remote shell.
The Offensive Security Experienced Penetration Tester (OSEP) is a much more advanced certification that OSCP. This certification tests a student’s skills to compromised hardened information systems. This course is currently the most advanced penetration testing certification offered by Offensive Security. Students who wish to earn their OSEP must first pass a 48-hour, hands on, proctored exam. I recently passed this certification in February 2021 and learned so many valuable skills.
The course focuses on exploiting an Active Directory network. There is a large amount of C# coding required. Students utilize C# to create custom MSSQL exploitation tools, custom shellcode runners, and other tooling that would be useful in a penetration test. Moreover, there is a large emphasis on antivirus evasion; upon passing the course, students will be able to bypass Windows Defender with ease. I greatly enjoyed the chapters on lateral movement and MSSQL exploitation.
Some of my other certifications are listed below: