top of page
Writer's pictureBen Lampere

And Another One - Pass the OSWP in 2023



OSWP Certificate



I finished my OSCP and thought I would take a break. That didn't really happen, as I started on the OSWP the next day. Having the Learning Unlimited subscription takes little to jump into the next course. The other justification was this was much less of an intense exam as it's only 4 hours instead of the full 24 hours of the OSCP.


When you start this course, they recommend buying two different routers for your home lab. While they are nice and don't suggest expensive routers, this is unnecessary. I recommend you purchase a subscription to PentesterAcdemy. I just checked the site, and they have a subscription of $69 dollars a month. Studying for this test only took me about two months, so the price was the same. The advantage of this site is that all your environments are set up, and there is a step-by-step guide for each type of attack. I have covered Pentester Academy in previous posts, but they have the most expansive set of labs.



Selection of PentesterAcademy WIFI hacking labs


Similar to what I talked about in the OSCP exam, the course material is all that you need to pass this exam. Study the content, take notes, and make a step-by-step list. In my notes, I separated them into each type of security: WPA, WPA2, WPA Enterprise, etc. Then, I made a step-by-step list of how to perform each type of attack. Because this exam is only 4 hours, you only have a little time to mess around and try to understand your notes. Outside of the steps, I also had supplemental notes that I got from notes people posted on GitHub and the steps Pentesteracademy recommended. Consider these as backup notes if your course notes don't work.


The night before exam day, I cleaned the office so I had a good work environment. I also plugged in all my monitors, cleared my desk, and got a notebook and pen. This allowed me to show up to the exam ready to go. I had a good time for my exam; I booked my exam to start at 9 a.m. on a Saturday. I arrived 15 minutes early to complete the verification and was ready to dive in. Once I got into the exam, I restarted all my machines just to be safe. I was working through them individually and taking notes along the way. I got the required points for passing 2 hours into the exam. I started writing my report thinking I would do some of the report and jump back into the exam to get all the points. I got carried away and only gave myself 20 minutes to get the remaining points. I didn't get the remaining points in time, but I knew I had everything I needed to pass.


It's important to remember that the goal of the exam is to pass, and you're not required to get 100 points. So, ensure you have everything needed to complete your report once you get enough points to pass. Only If you have time you should try going to the remaining points.


A few days later, I got my results and passed the exam. This was my second Offensive Security Certification completed. After finishing this exam, I went to Defcon, returned, and jumped right into the OSWA. Currently, I have completed all the coursework and videos; I just need some more studying, and I'll schedule that exam soon.


I hope this article helps you when you take the OSWP. Be sure to use all your resources by taking good notes, knowing the course work, and reading the resources people provide on the Offensive Security Discord. Good luck!

Recent Posts

See All

Comments


bottom of page