From 0 to OSCE³: My Learning Journey
0x00 My Journey
For anyone preparing for the exams or planning to take them, a major concern is likely the difficulty level of OSCE³. To share from my own experience: I work in finance, without an IT background, and my knowledge of computers and programming was self-taught during my free time. Under these conditions, I spent six months studying and earning my OSCP, and then less than a year to prepare and complete the three certifications required for OSCE³. Overall, I don't find the exams overly challenging; as long as you study the materials and complete the exercises, the exams won't contain anything out of scope.
Below, I'll provide a brief review of each exam.
0x01 OSCP
I passed the OSCP on my second attempt. During the first exam, I quickly completed a standalone machine and gained initial access to the first machine in the AD(Active Directory) environment. According to the previous exam rules, I had a 10-point bonus and only needed to complete the AD environment and one standalone machine to pass. So, I went all-in on the AD machine, spending most of my time attempting lateral movement without shifting focus to the other two machines. My biggest regret is that, about 30 minutes before the exam ended, I discovered a clue for lateral movement and managed to gain full control of the second machine, but the exam time was already up. This failure left me feeling regretful for a long time and made me reflect on the inadequacies in my AD enumeration approach. In the second exam attempt, I managed to pass smoothly and quickly.
While OSCP is considered Offsec's introductory content, I believe it's quite challenging. OSCP covers fundamental penetration testing processes, from information enumeration to exploitation and post-exploitation. It requires not only mastering each technique but also developing a methodology to think from a higher perspective.
0x02 OSEP
The OSEP exam was relatively smooth, and I didn't encounter any significant roadblocks. However, I personally consider OSEP to be the most challenging among these certifications. The exam simulates a complex internal network environment, covering nearly everything taught in the course. Since it's a black-box penetration test, all clues and content must be discovered independently. The process isn't simple or linear, demanding meticulous enumeration skills and creative, lateral thinking.
0x03 OSWE
I found the OSWE exam relatively simple. The exam requires identifying vulnerabilities through code auditing and then writing exploit scripts. Using basic black-box testing and white-box code auditing, the vulnerabilities aren't difficult to find. The focus is on linking the vulnerabilities together, forming an exploit chain, and weaponizing the exploit with properly written code.
0x04 OSED
Many people believe OSED is the most difficult, but I think its challenge lies mainly in understanding assembly language. Often, the real difficulty is overcoming the intimidation of binary, assembly code, and reverse engineering.
When I first started studying, assembly operations felt overwhelming.
Fortunately, while studying the old OSCP materials, I had practiced
basic Buffer Overflows, so I was familiar with stack overflow principles
and exploitation techniques. OSED builds on basic stack overflow by
adding DEP and ASLR bypass techniques, with a focus on mastering ROP
(Return-Oriented Programming). I have to say, when I first saw this
exploitation process, I was truly impressed!
In the exam, I skipped the reverse engineering question and focused on the other two, which were relatively similar to the course material. Luck was on my side, and I passed on the first attempt.
0x05 Summary
The OSCE³ learning journey has been incredibly rewarding. More than the exams themselves, the entire learning process has offered me greater gains, including the development of goal management and time management skills, the improvement of problem-solving abilities, and the psychological resilience to face challenges. All of these contribute to personal growth.
Key mindsets to remember:
• Always Enumerate
• Think outside the box
• Try Harder!