The PEN-210 (OSWP) course focuses on wireless security and penetration testing, equipping learners with the knowledge and practical skills needed to identify, exploit, and address vulnerabilities in wireless networks. The course covers IEEE 802.11 standards, wireless network types, Linux wireless tools, Wireshark usage, and advanced wireless network monitoring and analysis techniques. Students engage in interactive labs and exercises to simulate real-world scenarios.
The course is suitable for cybersecurity professionals, network administrators, and IT professionals looking to enhance their wireless network security and penetration testing skills, including those starting their careers in cybersecurity. Topics covered include IEEE 802.11 standards, Wi-Fi encryption, Linux wireless tools, Wireshark essentials, frames and network interaction, Aircrack-ng, attacking WPS networks, rogue access points, attacking WPA Enterprise, and captive portals.
The course is divided into learning modules and units, each with specific learning objectives and hands-on exercises. Students gain proficiency in various aspects of wireless network security, making it a valuable resource for those in the field.
The exam is completely hands-on where users must compromise wireless endpoints to prove mastery of wireless attacks.
Difficulty: 2 out of 5.
OffSec's OSWP is an interesting certification. It's focused on wireless pentesting (as the name would imply). Wireless pentesting has kind of evolved down to two main tracks: technical controls and social controls.
For this course, you focus heavily on technical controls but also get the chance to perform some social controls via their exam environment. I won't say more for fear of giving away the secrets.
I generally enjoyed this course. You get to the point, learn all of the attacks, build the infrastructure in a well-explained way, and then put it all to practical use in the exam. Overall this certification took me about a month start to finish.
I have to say though, I did have a major problem the first time I took the exam. I loaded the environment, exploited the first challenge, moved to the second and ... it didn't work. It was like my exam machine was disconnected from the network. I talked to my proctor and they couldn't help much. They escalated to OffSec tech support but they couldn't resolve it. I sat there for about 3 hours total while the exam was rebooted repeatedly. Eventually they said I should just end my exam. I couldn't get clarity on if I was going to get a voucher for a retake but eventually I just had to give in. They did end up investigating and determined that my exam environment was broken.
About a month or two later, I decided to retake the exam and the environment worked perfectly. I finished in about 30% of the required time and had the exam report done with tons of time to spare.
If I had to rate the exam the first time, I'd say it was a 1 out of 5. Doing it again, I feel they did a much, much better job. There aren't a lot of wireless pentesting courses out there and this one comes included with many OffSec bundles so I'm a fan.
