Offensive Security Cloud Pentester

Advanced Practical cloud pentest-style exam + report Pass: Objective/report-based; verify current OffSec gui… $1,499

OCLP focuses on cloud attack-path identification and exploitation across identity, misconfiguration, and service abuse scenarios. For 2026, prioritize IAM abuse paths, hybrid identity risk, and evidence-rich reporting.

Official Page

IssuerOffSec

FormatPractical cloud pentest-style exam + report

DurationProvider-defined practical window (commonly multi-day)

Pass ScoreObjective/report-based; verify current OffSec gui…

Valid For3y

Overview Syllabus (5) Tools (6) Cheat Sheets (2) Labs (3)

Full Syllabus

Cloud Recon & Identity Enumeration 20%

Tenant/account discovery, IAM principal analysis, trust relationships.

Identity & Access Abuse 25%

Privilege escalation paths, role abuse, token misuse and policy weaknesses.

Data Plane & Service Misconfiguration 20%

Storage exposure, compute metadata abuse, serverless/container weaknesses.

Hybrid/Control Plane Attack Paths 20%

Federation, CI/CD, key management, conditional access and cross-service chaining.

Detection, Reporting & Remediation Priorities 15%

Cloud-native logging evidence, business impact, prioritized fixes.