Congratulations from all BSG team to Anna Zhmurko, Security Analyst and Penetration Tester at Berezha Security Group, who’s officially OSCP-certified now and who brought to all BSG team this professional achievement.
OSCP stands for Offensive Security Certified Professional and is known as more technical than other ethical hacking certifications. In addition, it is one of the few certifications that requires evidence of practical penetration testing skills.
An OSCP-certified security professional has demonstrated the ability to use persistence, creativity, and perceptiveness to identify vulnerabilities and execute organized attacks under tight time constraints and think outside the box.
The Offensive Security Certified Professional is a hands-on penetration testing certification. It requires candidates to hack various live machines in a lab environment successfully. Then, they have to write a comprehensive penetration test report.
This certification program focuses on hands-on offensive information security skills. It consists of a nearly 24-hour pen testing exam and a pentest report due 24 hours after it. It takes real willpower to withstand this trial.
The good news is, successful completion of the OSCP exam qualifies as 40 (ISC)² CPE credits. In addition, Offensive Security has a formal agreement with CREST to recognize the OSCP equivalency with CREST Registered Penetration Tester (CRT) Level 2, Track 3.
We are proud of Anna, who joined the senior-level BSG team specialists and who confirmed in practice the following penetration testing skills:
- Active Directory Attacks
- Active Information Gathering
- Advanced Command Line
- Antivirus Evasion
- Antivirus Exploitation
- Bash scripting
- Buffer Overflow Exploits
- Client-side Attacks
- Client Side Attacks
- File Transfers
- Fixing Public Exploits
- Information Gathering
- Kali Linux
- Linux Buffer Overflow
- Locating Public Exploits
- Network Vulnerability Scanning
- Passive Information Gathering
- Password Attacks
- Port Redirection
- Port Scanning
- PowerShell Empire
- Practical Tools
- Privilege Escalation
- Vulnerability Scanning
- Web Application Attacks
- Web Exploitation
- Windows Buffer Overflow
This is what Anna is able to do now:
- Using information gathering techniques to identify and enumerate targets running various operating systems and services
- Writing basic scripts and tools to aid in the penetration testing process
- Analyzing, correcting, modifying, cross-compiling, and port public exploit code
- Conducting both remote and client side attacks
- Identifying and exploiting XSS, SQL injection, and file inclusion vulnerabilities in web applications
- Deploying tunneling techniques to bypass firewalls
- Creative problem solving and lateral thinking skills.
With the new penetration testing certification, the BSG team enhances its professionalism and advances its experience to combat overcomplicated pentesting tasks. Finally, all middle and senior staff on our team are OSCP certified!
We congratulate Anna on her personal victory and wish her a significant career shift and further professional achievements!