My Journey into Cyber Security: eJPT to eCPPT to OSCP (Part II)

In the first part of this blog article, I delved into the beginnings of my journey in cyber security. This began with starting a Master’s degree and progressed to getting my eCPPTv2 penetration testing certification. Following this, I decided to tackle the well-renowned OSCP which, despite its prevalence in the industry, has certainly divided opinions.

Now you may be wondering why I would go for the OSCP after getting what many people deem to be an equivalent entry-level penetration testing certification in the eCPPTv2, and that is a good question. At the time, and probably still, the OSCP was the defacto penetration testing certification to get if you wanted to break into the industry. It proved you had the technical skills required, you could perform under pressure (24-hour exam), and you could write a report to document your findings. All the great influences in the offensive cyber security space had the certification (Dave Kennedy, John Hammond, Neil Bridges, etc.) and it was seen as a requirement by many HR people. My ultimate goal was to get this certification so that I could get a junior penetration tester role and, with that in mind, I brought 30 days of lab access (back when that was still a thing) and began my quest for the fabled OSCP. This was around the end of August after I had submitted my eCPPTv2 report for marking and with my Master’s course officially finishing in October.