OffSec Certified Professional
The gold standard practical penetration testing certification. 24-hour hands-on exam compromising real machines in an isolated lab environment. Now branded OSCP+ with a 3-year renewal cycle via qualifying certs or CPE. Required or strongly preferred in the majority of penetration testing job postings globally. DoD 8570/8140 approval being pursued for OSCP+.
What you'll prove
- Perform network enumeration and service identification against real targets
- Exploit known and unknown vulnerabilities using manual techniques
- Escalate privileges on Linux and Windows systems
- Perform Active Directory attacks including Kerberoasting, Pass-the-Hash, and lateral movement
- Pivot through network segments to reach internal targets
- Write professional penetration test reports documenting findings and remediation
- Apply try-harder methodology to identify attack paths under time pressure
Frequently asked
How much does OSCP cost?
The Course + Cert bundle costs $1,749 USD (90 days of lab access + 1 exam attempt). Learn One costs $2,199/year (1 year lab + 2 attempts). Retakes are approximately $250 each.
Is OSCP still worth it in 2025?
Yes. OSCP remains the most cited penetration testing certification in job postings globally. The OSCP+ branding and renewal cycle align it further with industry standards. ROI is exceptional — average salary increase of $35,000+ in the first year.
What is OSCP+ vs OSCP?
OSCP+ launched in November 2024 with an updated exam covering modern Active Directory attacks from assumed-compromise positions. OSCP+ expires in 3 years and requires renewal. Legacy OSCP is lifetime but can be upgraded to OSCP+ by passing the updated exam.
How hard is OSCP?
Very hard. Most candidates require 3-6 months of preparation. The 24-hour exam tests persistence, methodology, and ability to work through frustration. Pass rate is approximately 75-80% for well-prepared candidates who complete the lab machines.
Where this fits