OSWP exam review 2024

trustie_rity
Apr 27, 2024

Introduction

Last year, around October 28th, I sat for the Offsec Wireless Professional (OSWP). It was a really nice exam that helped me achieve new milestones in my life, hence unlocking some new doors for me. On a high-level overview, it’s a good introduction to wireless hacking.

The course

A lot is covered in the PEN-210 course, entailing a lot of knowledge regarding wireless networks at a low level, from Wi-Fi standards (802.11, 802.11b, 802.11ax…) to packet inspection. At first, you might be frustrated by the theory the course throws at you, but as you progress it becomes very exciting.

Furthermore, you will be taught how to use network analysis tools like Wireshark and Wireshark filters to gather information on the sniffed packets more efficiently, information about wireless card drivers, and how common network attacks are done, more so for WPA3 (which is the recent one, by the way).

The Labs

It is so unfortunate that this certification does not offer any kind of labs where you can practice the attacks. There are only some PCAPs for messing around with Wireshark’s filters, though.

However, you can practice the attacks thanks to Raul’s WiFiChallenge Lab 2.0. Download the virtual machine that suits you the most and start solving the challenges (try to use the same techniques from the course as much as possible).

Of course, there are automation tools for whatever is taught in the course, like pcapFilter.sh, to scrape information like EAP identities, certificates, handshakes, etc., after learning the manual way of using Wireshark from the course materials.

I would not encourage anyone to use these automation tools during the exam though 🤣🤣.

About the exam

There is not much to say about the exam, but a few takeaway points are:

  • You have four hours to complete the exam.
  • There are only three challenges and you need to complete two of them to pass the exam.
  • One of the challenges is mandatory and you cannot pass the exam without doing it.
  • Each challenge is done individually. That is, you have to spawn the lab individually.
  • Each challenge is composed of one AP and X number of stations.
  • Each challenge covers a different network scenario and demands a different network attack to ensure it’s compromised.
  • After getting a network key, you are supposed to connect to the AP and curl its IP address/proof.txt to get the flag.
  • The flag will serve as evidence you were able to compromise the network scenario.
  • Submit the flag on the Offsec dashboard to gain points. The platform will not tell you whether the flag is correct or not!

Conclusion

As a final thought, the OSWP is a very straightforward certification and I wish Offsec taught more complex attacks as seen in the WiFiChallenge Lab 2.0 labs. Nevertheless, considering Offsec’s reputation, it’s a nice addition to the resume.

All in all, I wanted it, I got it, and you can too! — sucyfer.

Written by trustie_rity

Offensive Penetration Tester | M4lici0s Lif3 | Find video walkthroughs on my yt channel: https://www.youtube.com/@trustie_rity https://johnkiguru1337.github.io/
