Offensive Security Certified Expert

My experience with the CTP course and the OSCE exam

3 min read - 467 words


Try Harder! July 2015, I received my OSCE exam confirmation via mail. After trying for quite hard this was a really great achievement for me. So, I thought I could share my past experience in a few sentences.

After finishing the OSCP I was curious about the next challenge. OSCE seemed to be the right choice. I had not worked a lot with assembly in the past. Also, Cracking the Perimeter seemed like the logical next step after finishing OSCP.


Most of the exercises cover exploit development. Web security and network attacks complete the picture. One of my favourite topics was AV evasion.

Everything is documented quite well and easy to follow. Even though the course material is covered with dust, it provides a good introduction. The basics still apply today. Nevertheless, OSCE is an intermediate course. Current protection mechanisms such as ASLR might be too much to cover.

Exam Preparation

During the exercises simply following the instructions provided in the manual is enough. However, I felt, that this would not be enough to pass the exam. I wanted to get more familiar with the whole process of exploit development.

For some exploits the vulnerable binary can be downloaded from exploit-db. These provide an excellent practice playground. Additionally, the exploit-exercises with protostar provide another magnificent learning experience. They helped me getting more familiar with the different exploitation techniques. Protostar covers stack overflows, heap overflows, and also format string attacks. Furthermore, the tutorials of FuzzySecurity 2.0 proofed quite worthwhile. The corelan exploitation series also provide excellent material for exploit development. All these resources provide quite some material. After a lot of exercise, I finally had the guts to schedule my exam.

The Exam

For the exam you have to prove your skills in 48 hours. In the 24 hours after the exam you have to hand in the documentation. The topics of the exam are quite obvious, after completing the exercises.

Unfortunately, I did not pass the exam on the first try. The first few targets fell quite fast. Yet, I had a tough time with the last target. Basically, I know where to attack and what to do. However, I was lacking creative ideas to tackle the last challenge and obtain enough points to pass.

After the exam I knew where I was lacking some knowledge. In the following months I polished my skills until I was confident enough to take the exam again.

The second time I did pass. Trying harder payed of!


The Offensive Security Certified Expert certification was quite a challenge. A challenge that is really worth blood, sweat and tears. If you think about doing a medium certification in information security, Cracking the Perimeter is definitely the right choice. I will Try Harder!

Try Harder!