The OSCP | Penetration Testing With Kali Linux

I’ve spent the last few months working through the Penetration Testing with Kali Linux course by Offensive Security which has been an awesome learning experience.

Much has been said on this course and I’ll only briefly go over my experience and takeaways. The following reviews were helpful in making the decision to take the course.


For a little preview of what’s involved, check out the free Metasploit Unleashed course.

Material, Course, and Exam

After completing the 300+ page pdf material, muts-narrated videos and exercises, I focused my attention on the lab. It is at this point, when the course turns from a more academic focus to an applied and practical nature, that the magnitude of what one is learning begins to sink in. A lab with nearly fifty diverse machines across multiple networks awaits with no further instructions. But with enumeration comes vulnerable machines, and each machine is different. Some are simple to exploit, some are difficult, some are incredibly frustrating. Every one is rewarding.

Several months later, after getting root or system access on nearly every machine, and completing a final lab penetration test report of over two hundred pages, I felt ready for the 24 hour exam. Exam day had me giddy as a little kid and went smoothly. Ten hours in I had enough points to pass but I spent another eight hours attempting to privilege escalate my way to system on one remaining machine. I eventually succumbed to exhaustion knowing I had more than enough points to pass and wishing to be functional the next day to write up my exam report.

Several days after submitting the exam report along with my final lab report, I received the much-anticipated email stating that I had passed the exam and now held my Offensive Security Certified Professional certification. I have mixed feelings about the value of certifications since just about anyone can take a test and pass. But this one - this one a person has to work for.

A few take aways

Document, document, document


Enumeration is key


Post exploitation is paramount


Utilize the admins


Commit the time


I think the only dissatisfaction I experienced was while working on a exploiting a machine while another student was attempting to do the same and continually reset the box wiping out any steps taken to obtain a shell for instance. This was rare, though.

Overall, this was an awesome learning experience. If you’re thinking about doing it, and you have the time to dedicate, there is no question: just do it. If you actually want to learn and understand the material, rather than just memorize a bunch of information as is the case with so many other certifications, this is for you. It’s affordable, lab time is easily extended, admins are almost always available, and the cost is not prohibitive.

Thanks Offensive Security and team for putting together such a fantastic course.