OSWP Review - 2024
Introduction
On the 2nd of March 2024, I sat for the Offsec Wireless Professional (OSWP). So, as tradition dictates, it is time for another certification review, where I will give my opinions and some tips to prepare you for the exam.
What you should expect from the course
The PEN-210 course covers a lot of knowledge regarding wireless networks at a low level, from Wi-Fi standards (802.11, 802.11b, 802.11ax...) to packet inspection. It feels like a college networking class.
Furthermore, you will be taught how to use Wireshark filters to gather information using the sniffed packets, how to deal with wireless card drivers, and, obviously, how to attack the most common networks you can find nowadays.
The Labs
Sadly, this certification does not have any kind of lab where you can practice the attacks of the course. There are only some PCAPs for messing around with Wireshark's filters.
However, you can practice the attacks thanks to Raul's WiFiChallenge Lab 2.0. Download the virtual machine that suits you best (if you want to install it on Hyper-V, ask on the Discord server how to proceed) and start solving the challenges (try to use the same techniques from the course as much as possible).
In addition, you can use a tool named pcapFilter.sh to scrape information like EAP identities, certificates, handshakes, etc., instead of wasting time on Wireshark.
The exam
There is not much to say about the exam. You have four hours, there are only three challenges, and you need to complete two of them to pass the exam (one of them is mandatory).
The challenges are carried out individually. Each challenge is composed of one AP and X number of stations, avoiding any kind of rabbit hole. Furthermore, when you choose the challenge, you know exactly what kind of network you will attack.
It is pretty straightforward: attack an AP, obtain some creds, connect to the network, get an IP and retrieve the password from the "router"'s website. But you only have one wireless card :D.
Conclusion
As a final thought, the OSWP is Offsec's most straightforward certification by far, one that I will only sit if I do not have to pay for it, because every single attack is documented thousands of times for free on the Internet, so I do not see the point in getting a certification for something that a script kiddie can do. I hope Offsec, in the near future, will change the course to teach you more "sophisticated" attacks like the ones that appear on the WiFiChallenge Lab 2.0.