Introduction
Today, as I travel on a three-hour journey home, I’ve decided to put my thoughts down on paper (or screen, in this case) and have me a look into the world of Offensive Security certifications a little deeper than before. I’ve been checking various blogs and websites (so many Reddit posts), trying to figure out what I need to study and why. However, I realised that jumping into specific certifications right away might not be the best approach. Instead, I’ve chosen to take a step back, slow down, and map out a path to success – because, let’s face it, the cybersecurity domain can be quite daunting. So instead of OSCP, or OSWA first, why not just figure a path from start to finish with everything focusing on OSCE3?
The Advanced Level Tracks
An these are the certifications in order that I’m going to tackle to get to the ultimate destination:
→ PEN-200: Penetration Testing with Kali Linux OSCP
- The Foundation
→ PEN-300: Advanced Evasion Techniques and Breaching Defenses OSEP
- Pushing the Skills Further
→ WEB-200: Foundational Web Application Assessments with Kali Linux OSWA
- Beginning on the Web Stuff
→ WEB-300: Advanced Web Attacks and Exploitation OSWE
- Bug Bounty Time?
→ EXP-301: Windows User Mode Exploit Development OSED
- The TOUGH one
The “Unwanted” Opinions
Before we move any further, time to address the elephant in the cyberspace room. Some might be quick to chime in with opinions like “It’s not worth it,” “You could better use your time elsewhere,” or even suggest alternative certifications. I’m not the one to let others’ opinions change decisions once I’ve decided, consequenes are mine alone. The truth is, beyond a select few, most opinions are just noise to me. I follow my own path.
The Path to Expertise
So, here’s the big question: Should I start with the easier certifications and work my way up, or should I just dive right into the advanced ones?
For me, it all comes down to how I learn stuff. I’m all about soaking up knowledge like a sponge. I want to understand everything inside out before I move on to the next thing. Some say you should build a solid foundation with the basics, but I believe jumping into the deep end early can be just as valuable. Each certification adds something to my understanding and skills, helping me handle tougher stuff later on.
In the end, my approach lets me gather as much knowledge as possible, even if some of it might not seem super relevant at first. I’m sure this way of learning will turn me into a well-rounded and capable cybersecurity wizard, ready to take on all sorts of challenges in this ever-changing world infosec.
Conclusion
As my journey home continues, thoughts of there not being any true path, it#’s just essentially finding what suits your learning style, goals, and thirst for knowledge. For me, the OSCE3 seems like an exciting and challenging adventure, one that I’m working on.
So, to anyone else pondering their own path in cybersecurity certifications, remember to silence the noise of unwanted opinions, trust your instincts, and chart a course that aligns with your learning and growth.
Happy Learning!
Why am I writing this thing again? Pretty simple reasons really, to learn and hopefully, teach at the same time. A day at work often involves a barrage of questions. The basic “how-to” to deeper queries of “why does it work that way,” gives me the oppurtunity to share and learn. So why not apply that outside the walls of my office?
Ultimate goal is to get the OSCE3 - why? I know that recently OffSec has been getting some crap but for me, I’m still learning right now (beyond a few personal bits and pieces) that’s everything that matters. Pushing for something at that level, is a worthwhile goal.
So time to start with the OSCP and get that sorted out. Then we’ll see. Also having to study the AZ-500 for work purposes (OKR fun times?) which shouldn’t be too much effort.
So yeah, that’s it. This blog is basically gonna be my diary as I chase down these certs.
If you have questions - drop them onto Twitter or X, or whatever you want to call the platform these days.
Happy Learning.