OSCP First 3 months Thoughts

My OSCP Course and Lab time officially ended on the 20th of July 2019 and it took me this long to finally write my thoughts.

There are already a lot of blogs out there focusing on the OSCP course from a Cyber Security Professional perspective.

This post will be from the perspective of a Network Engineer and how much of my previous Network Engineering experience would apply when going through the OSCP course.

OSCP Course Syllabus

Offensive Security recommends, as a prerequisite, that you have a:

  1. Solid understanding of TCP/IP networking
  2. Reasonable understanding of Linux
  3. Familiarity of Bash scripting with basic Python and Perl a plus

Solid understanding of TCP/IP networking isn’t just a prerequisite for me; it’s my job as an experienced Network Engineer.

Reasonable understanding of Linux isn’t much of an issue for me, considering the fact that numerous networking solutions run off Linux anyway.

Familiarity with scripting languages is a different story. I don’t get to do many tasks as a Network Engineer that require scripting, which puts me at a slight disadvantage in terms of proficiency. However, a semester doing Computer Science in Uni did teach me how to read and write basic code in C, which came in handy when customizing exploits for use.

The OSCP course covers the following topics:

  • Passive Information Gathering
  • Active Information Gathering
  • Vulnerability Scanning
  • Buffer Overflows on Windows and Linux
  • Working with Exploits
  • File Transfers
  • Privilege Escalation
  • Client Side Attacks
  • Web Application Attacks
  • Password Attacks
  • Port Redirection and Tunneling
  • Metasploit Framework
  • Bypassing Antivirus Software

As you can see from the course syllabus, most of the tools and services used are pretty much a Network Engineer’s bread and butter. Rather than using them to administer a network, you will be using the same tools to enumerate the target and use the information gathered to exploit vulnerable network services.

The Easy Part

The easy part of the OSCP course would be using tools such as Wireshark, tcpdump and nmap, which Network Engineers are already familiar with, to gather information and build up a detailed map of the network.

The Difficult Part

If you have not done any sort of programming before, you might have difficulties in the Buffer Overflows and Working with Exploits sections of the course, as you will be spending a lot of time examining and customizing exploit code to work on your target machine.

Web Application attacks like SQL Injection also took me a while to get through, as I don’t really deal with Layer 7 applications on a day-to-day basis as a Network Engineer.

Why should you do it?

No matter what IT profession you are in, the tools and techniques taught in the OSCP course will hopefully show you why certain best practices have to be implemented or make you question why things are done in a certain way in your environment.

The key takeaway for me is that I can see how an attack takes place beyond Layer 4, rather than an attack against Layer 3, which we Network Engineers are familiar with.

I read Vendor Security bulletins from a whole different perspective as I now know how exploits work and where to find them, placing me in a unique position to accurately determine the likelihood of a vulnerability being successfully exploited on my network.

I may or may not use everything learnt from the OSCP course but it certainly has made me look at a network from both an engineer/administrator and malicious actor’s perspective.