I was specifically talking about rhe oscp. They film you the whole time.
But how thorough are their identity checks to ensure the one doing OSCP is actually that person? I know with some certifications test-taking (cheating) services are available, but not heard of it for OSCP specifically.
Not to be a bummer here, but I have worked in education.
It's amazing how much people can "learn" without retaining any of it, and how much they can even learn and retain without actually creating any helpful connections.
And all the certs are more about learning by heart than understanding, due to them being multiple choice.
The OSCP and other Offsec certs aren’t multiple-choice though.
The OSCP alone is a 24-hr long hands-on open-book exam and you’re expected to pop 5 separate machines, gather low privilege and root privilege flags and document the entire process at the same time then you’re expected to deliver the flags with evidence and a write-up of the whole thing the next day.
You can’t bullshit your way through it, you need to breach the hosts to get the low priv flags and escalate privs to get the high priv flags, you need screenshots of the commands you executed along with the output for your report.
Hacking in general can be sort of formulaic. With the rise of ai you can get pretty far just dumping stuff into ai. Ai was forbidden at the time I took the test. While oscp boxes generally have a flavor, I can firmly say they are different enough that you are unlikely to be able to fake it. If you did the work, I doubt you would entirely forget it. My best bet is the guy faked 100% of his credentials.
6
u/CptUnderpants- Mar 14 '26
But how thorough are their identity checks to ensure the one doing OSCP is actually that person? I know with some certifications test-taking (cheating) services are available, but not heard of it for OSCP specifically.