What is OSWP?
OSWP stands for Offensive Security Wireless Professional, a course and certification provided by Offensive Security, the team that created the Backtrack Linux distribution. A successful certification will give you 10 cpe if you are a CISSP. You can click here for more information about OSWP.
Interested participants can pre-register for an online or live training. The main difference between online and live training is that online training has offline materials – Training video and Lab manual – which participants can download and do self-study at their own pace. Free emails are not allowed for registration, participants must provide a non-free and valid email address in order to register and pay for the course. After pre-registration you will be provided an email with instruction on how you can pay and register for the course you will be assigned a student number for student identification, after payment a payment confirmation email will be mailed to you. After about 72 hours you will receive another email to download your study materials, you will be given 72hours to download the study materials after which the links provided will be invalid. If you lost your materials and wish to re-download them after 72 hours you need to pay an addition USD$100, so please be sure you have made backups.
Self-hosting lab training
Unlike other courses and certifications, OSWP requires participants to self-host their own lab for practice. You only require one wireless router and two computers.
Once you felt you are ready for the challenge, you can mail to offsec team to schedule exams, you should provide your student number and three preferred dates and times you wish to take the exam, the time is based on GMT +0. You will receive an email to inform you the confirmed scheduled date of your exam. On the actual exam date, 15 minutes before your actual exam starts you will receive an email containing instructions on how you should login to the remote location to start your challenge. After you have finished your challenge objectives you must submit a report documenting how you achieve your objective, report writing is part of the exam objective by the way; challenge is not completed without submitting a report. For OSWP exam candidate will have 4 hours to complete the objective and report must be submitted within 24-hours after the exam, the time given is really very generous. I completed the objective within 30mins and took 1 hour to write the report.
You have no reason to fail this exam if you have done your homework i.e. watch the training video and do the labs described on the lab guide. Comparing to OSCP and other offsec provided certification OSWP is the easiest, because it only focus on one suite of tools which you can get a lot of information and examples from the internet.
One of the recommended site is SecurityTube, Mr. Vivek Ramachandran has already made a series of Wireless pentesting videos and given them for free, he also offers Wireless certification known as SecurityTube WiFi security expert (SWSE). I have intention to take his certification not because I wanted to be certified but because I wanted to support his cause of providing free and quality security education.
Do not expect to be spoon fed by the Offsec team and other people, although you will be provided credential to login to their forums and you can login to the IRC, you should not expect there will be any help provided. I have given up using IRC and forum to seek for answers when I was stucked. I strongly suggest you look else where for quality answers to your problems. I have used IRC just to get some support while I was taking the exam, support as in some exam procedures and nothing more.
Conclusion is you are on your own and finding answers by yourself is more rewarding although it might be frustrating in the process.
Be sure to share your answers to the community because in future people might stuck on the same problem as you are, Albatr0ss is one of the good guy who shared his answers for broken SKA, you can check out the defeating SKA in his blog, Albatr0ss had deposited his answers to more than one security forum just to make sure Wireless security people get the message, well done Albatr0ss 🙂
Overall OSWP is a great course, I would recommend people to take this certification, the certification is totally hands-on and I think only practical exam can judge a person’s competency fairly. If you are a CISSP you can gain 10 cpe points by passing OSWP. Although it is not necessary to pay for the course to learn how to pentest WiFi, paying for the course supports the team financially; in essence these people still need to eat and earn a living, free should not equate to free of charge it should be free to share, free to modify and freedom to knowledge.