Orignal Content Source: https://medium.com/@passyourcert24/osce-vs-oscp-certification-make-which-one-is-best-for-your-career-f5473d407813
OSCP and OSCE are two of the best and most widely used technical certifications in cybersecurity. Many skilled penetration testers around the world are chasing it and working even harder to pass their arduous exam, and I was once one of them.
The OSCE and OSCP Certification are quite different, particularly in terms of the level of knowledge required to take the exam. As a result, knowing the differences between them and which one is best for you is essential before embarking on your journey.
The following table summarises the key differences between the OSCE and OSCP certifications:
Course content differences
In terms of content, I believe that the OSCP and OSCE certifications are complementary. However, while both certifications focus on new aspects and techniques of penetration testing, they complement each other in some ways.
OSCP material
The OSCP certification is more focused on the following topics:
Enumerating and scanning
examining, repairing, and modifying public exploit codes
Privileges are being escalated in as many ways as possible.
Using SQL injection and file inclusion to obtain RCE
Learning the pivoting techniques
The first and most important aspect of OSCP that tries to force students to master is information gathering and enumeration. If you ask any OSCP supervisor for a hint while doing the lab, the first thing he will tell you is to keep enumerating.
I cannot emphasise this enough: enumeration is the key to OSCP certification success. In fact, it is always the key to discovering vulnerabilities in real life, which is why OSCP focuses on it.
One of the most valuable lessons you learned from OSCP was how to analyse and modify public exploits. That incompetent penetration tester doing an exploit against the client machine without knowing what it's doing is one of the craziest things I've ever seen. The OSCP team is aware of this and works hard in this certification to make people aware of it by selecting appropriate exercises.
In the certification, I've noticed that a large percentage of the scenarios in the lab are based on web application vulnerabilities. This is comprehensive because most real-world penetration occurs through a vulnerable web application.
OSCE content
The OSCE certification focuses more on the following subjects:
Debugging Windows binaries
Creating exploits
Backdooring executables
Bypassing Antivirus
Advanced exploitation of XSS to gain RCE
As I mentioned at the outset of this blog post, the OSCE certification was designed to teach penetration testers one of the rare skills of creating exploits and tools. The main goal of this certification is to teach you the fundamentals of thinking outside the box and discovering new ways to penetrate a network.
Backdooring executables and evading antivirus is a critical skill for a penetration tester to possess. This ability will come in handy, particularly when dealing with an external penetration test. In most cases, you have only two options in this situation. The first is to find a zero-day vulnerability, which will take a long time, or to use phishing techniques while backdooring files and bypassing Antivirus.
Exam differences
To pass the OSCP certification, you are given five machines with varying situations that you must penetrate in order to find flags and then submit them. Depending on how many points you get from exploiting the machines, you may be able to pass the exam with as few as four machines. To pass the exam, you must obtain 70 points out of a possible 100.
After passing both certifications, I noticed that the OSCE exam is more structured, in that you know what you need to do next, as opposed to the OSCP exam. Most exercises in the OSCP certification lack structure.
In many cases, you'll reach a point where you've done everything you know and still don't have the first access point or a way to escalate privileges. That has been the most frustrating aspect of OSCP for me.
If you complete a good lab report and send it to the Offensive security team, you will receive a 10 point bonus on the OSCP exam. I know it doesn't seem like much, but believe me when I say that you can fail an exam for less than that and wish you had sent the report to get those 10 points.
Because the knowledge required to pass the exam is more complex, the OSCE certification is the next step after the OSCP certification.
I'm sorry, but I can't say anything else about the exam because it violates the Offensive security rules. However, all I can say is that you must put in a lot of effort to become certified. These two certifications are not similar to QA exams. It will be so difficult that you will begin to doubt your abilities.
Certification value
Both certifications are among the best and most widely used by cybersecurity professionals. Someone who holds the OSCE is highly respected because it serves as proof of competence. I'm not saying this because I have these two certifications, but trust me when I say you can google them both and see what other people have to say about them.
They get this value from years of giving a difficult exam. Many other certifications on the market have excellent course content, such as the SANS course, but the exam format is QCM. Besides that, the cost is prohibitively expensive, with only corporations able to afford it.
Employers are also aware of this certification, and it is becoming a requirement in job offers. I believe that in the coming years, people will prefer OSCP Certification more.
Comments