OSCP
What is OSCP?
OSCPA hands-on offensive security certification from Offensive Security earned by compromising a lab network in a 24-hour proctored practical exam.
The Offensive Security Certified Professional (OSCP) is awarded by Offensive Security and is one of the most respected practical penetration testing credentials. Candidates first complete the Penetration Testing with Kali Linux (PWK / PEN-200) course, which covers enumeration, exploitation, privilege escalation, Active Directory attacks, and pivoting. The proctored exam is a 24-hour practical engagement against an isolated lab network: candidates must compromise a chain of standalone and Active Directory hosts to accumulate at least 70 points, then deliver a full penetration-test report within an additional 24 hours. OSCP is widely required for red-team, penetration tester, and offensive security engineer roles.
● Examples
- 01
A penetration tester earns OSCP to satisfy a client's contractual tester-qualification clause.
- 02
A red-team analyst uses OSCP as a prerequisite before pursuing OSEP or OSED.
● Frequently asked questions
What is OSCP?
A hands-on offensive security certification from Offensive Security earned by compromising a lab network in a 24-hour proctored practical exam. It belongs to the Compliance & Frameworks category of cybersecurity.
What does OSCP mean?
A hands-on offensive security certification from Offensive Security earned by compromising a lab network in a 24-hour proctored practical exam.
How does OSCP work?
The Offensive Security Certified Professional (OSCP) is awarded by Offensive Security and is one of the most respected practical penetration testing credentials. Candidates first complete the Penetration Testing with Kali Linux (PWK / PEN-200) course, which covers enumeration, exploitation, privilege escalation, Active Directory attacks, and pivoting. The proctored exam is a 24-hour practical engagement against an isolated lab network: candidates must compromise a chain of standalone and Active Directory hosts to accumulate at least 70 points, then deliver a full penetration-test report within an additional 24 hours. OSCP is widely required for red-team, penetration tester, and offensive security engineer roles.
How do you defend against OSCP?
Defences for OSCP typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for OSCP?
Common alternative names include: Offensive Security Certified Professional, PEN-200.
● Related terms
- compliance№ 152
CEH
An ethical-hacking certification from EC-Council that teaches attacker tools and techniques across reconnaissance, exploitation, web, wireless, and cloud testing.
- compliance№ 876
PTES
A community-built penetration testing methodology organizing engagements into seven phases from pre-engagement scoping through reporting and remediation guidance.
- compliance№ 770
OSSTMM
An open peer-reviewed security testing methodology from ISECOM that defines scientific, repeatable measurements of operational security across five channels.
- compliance№ 442
GIAC Certifications
A family of role-based cybersecurity certifications issued by GIAC and aligned with SANS Institute training, covering operations, incident response, forensics, and penetration testing.
- compliance№ 177
CISSP
A senior-level vendor-neutral security certification from ISC2 covering eight domains of the Common Body of Knowledge and requiring five years of paid work experience.