Offensive Security Certified Professional

Advanced 24-hour hands-on practical exam + 24-hour reporting window Pass: 70/100 (verify latest OffSec policy) $1,499

OSCP (PEN-200) focuses on practical penetration testing across standalone and Active Directory environments, emphasizing enumeration depth, exploitation workflow, privilege escalation, lateral movement, and professional reporting.

Official Page

IssuerOffSec

Format24-hour hands-on practical exam + 24-hour reporting window

Duration24h exam (+24h report submission)

Pass Score70/100 (verify latest OffSec policy)

Valid For3y

Overview Syllabus (6) Tools (10) Cheat Sheets (3) Labs (1)

Full Syllabus

Information Gathering, Enumeration & Attack Surface Mapping 15%

Service discovery, protocol enumeration, web content discovery, AD reconnaissance, and prioritization of attack paths.

Vulnerability Assessment, Exploitation Planning & Initial Access 20%

Vulnerability validation, exploit adaptation, manual exploitation workflow, and reliable foothold establishment.

Web Application & Common Service Exploitation 15%

Web flaws and service-level weaknesses commonly encountered in enterprise pentest scenarios.

Privilege Escalation (Linux & Windows) 20%

Kernel/service misconfigurations, credentials abuse, and local privilege escalation methodology.

Active Directory Attacks, Lateral Movement & Pivoting 20%

AD enumeration, credential attacks, movement between hosts, pivoting, and objective completion in domain environments.

Post-Exploitation, Documentation & Professional Reporting 10%

Evidence collection, impact explanation, remediation guidance, and exam-style reporting discipline.