You know how every family has their own little traditions; like baking cookies for Christmas or taking down the decorations on January 1st? In the Hexxed BitHeadz house, when someone hits a milestone, we trade a technical writeups for a for a quick reflection about our recent win.
Well, as of 11/8/25, I am OFFICIALLY OSEP CERTIFIED!
So this month’s blog? Less techy stuff and more 🎉. Let me dive into to my newly earned shiny… PDF file.
How I Got Here: The Cert Trail
I passed OSEP; but what does that REALLY mean? For me who started this journey, nearly 10 years ago, this certification puts me a step closer to a major milestone. I remember looking at the cyber certification map, dreaming of getting to that top right corner. Turns out, the journey is way more than the map.
Now, in a true terrible fashion, I’d like to take a beautiful cyber cert road map resource and mark it all up till it looks like a rejected Mario Party map. Ok you ready? You sure? It’s not pretty, I’m no graphic artist! but is a very accurate representation of my road so far.
If you’re asking what OSEP is, I got you fam, more info from the vendor found here: https://www.offsec.com/courses/pen-300/ They also show off the course syllabus, which is jam packed with a solid agenda.
Scars, Wins, Lessons
While OSCE3 is still on my bucket list, now I am 1 step closer to reach that corner. Some certifications were extremely straightforward, life was on cruise control, everything just clicked. However, like everything in life, some experiences just hit different. Life goes bananas you move, you switch jobs, all those things that tend to find a way to creep in your life when trying to accomplish something. And that my friends, is were those real growing experiences matter the most. Those are the moments when there’s a need to just Embrace The Suck. Which, has become the Hexxed BitHeadz motto over the last several years.
My path: A+ > Network+ > Security+ > CEH > eJPT > eCPPT > eWPT > OSCP > OSWP > CRTO > OSEP.
I believe with every certification achieved since getting into cyber, I have found plenty of topics to take further on my own. To be taught something, and be exposed to it for the first time can let someone’s own curiosity take it even further. This has allowed me to learn and grow in a way that works for me.
OSEP, TL;DR
Within the OSEP syllabus, they callout learning about client-side attack techniques with Microsoft Office and other applications. While already familiar with VBA macros, it’s the “other applications” part of the course that was even more interesting.
Master antivirus evasion, man I sunk a lot of time into this, no joke. I was experimenting with building from source a lot, toy’d around with automation quite a bit with our GonkWare tool discussed in previous posts, really fun stuff, I had to stop and remind myself I was still taking the course!🤣
The active directory portion of the course was good, this was a huge focus within the CRTO course, so a lot of material was nice to review, however, it pushed me to try new tools / methods. I have recently become a huge fan of Sliver C2! Although one can absolutely get through the course without any kind of framework like this, in no way is it a requirement, but figuring out how to use some of the advanced features like sideload and inline assembly execution were an absolute bonus.
On a side note: We’d love to do a multi month blog journey focusing on Sliver + GOAD. Active Directory is one of my favorite topics, and think we can get a good set of writeups sometime in the near future. Stay tuned!
Labs
The labs were great, slowly building up concepts into full environments, allowing students to practice the little pieces before putting it all together. Completing ALL of the labs before attempting the exam is a huge recommendation. Spending some extra time learning to do something in different ways with different tools is helpful as well. You never know what situation you get into and have to rely on different tools to accomplish what is needed.
What helped me?
We all know, in cyber this journey never ends. We’re always learning. That means to me continuing to grow and continue to learn, by doing Proving Grounds, HackTheBox, certifications, etc. However, for me I definitely needed time in between milestones to absorb the learning material.
How long did it take?
This is always a rough question to answer. Between full time job, family, blog, site maintenance, life, I pretty much used the whole year of access before passing the exam. Several months were gone to self-study some topics I wanted to explore.
Overall, I really enjoyed the content of this course, I was able to enhance my skillset and become much more familiar with some phenomenal tools created by the best community in the world.
The Exam
Not a whole lot for me to say here, I’ll just mention at a high level how it went for me. I started on a Saturday, 2pm. Hacked away till about 9-10 with good, slow progress made. Got a full night’s sleep, with no rush to hop back on. I knew it was going to be a long day and night. Picked up on progress Sunday morning, then somewhere around lunch, I got stuck. Like really stuck! After several hours, I push through, do my embarrassing on-camera celebration, and continue on into Sunday night, picking up more flags, going into the wee hours of Monday morning to secure the pass.
I poked on more after getting what was needed, as I was more curious about the environment. I would love to be able to continue poking at it, as I have unanswered questions! The report is no joke. Write it out along the way is totally valid suggestion, as it should be something that could be handed off to someone else and they would be able to easily mimic those steps. After about 8 days constantly refreshing my inbox, the fine crew at OffSec let me know I have passed the OSEP course, and earned my certification.
Unsolicited Advice
The course goes through fundaments of topics really well. However, see if there’s any benefit to automating these tasks or if something out there already does it. The tools restriction is much lighter than OSCP. I know our journey through cyber can be overwhelming, chaotic, and brutal at times. I’m always amazed when I come across someone who is able to just smash through these courses and certs back to back. I can’t help but feel like I always need to venture on my own between these milestones, let those concepts and knowledge sink for before taking one something new.
Celebrate your wins!
Does anyone else celebrate milestones during the exam on camera, proctored? I feel like I was more mindful and contained during my OSCP, but now, it’s like I lost all care in the world. You know what I mean like, got initial access? That deserves a fist pump. Just 1 though. Obfuscated payload finally works to bypass defenses? That gets a “Praise the Sun” kind of motion. Snagged proof.txt? Well, those root dances I am sure on some kind of “not so top 10 celebrations” proctored clips somewhere. I know if I was proctoring me, I’d be laughing my ass off.
What’s Next?
I’m now only two certs away from being OSCE3, which has been a my main goal for several years. Next stop is OSWE / PEN-300, which I am very excited to jump into sometime soon. Time to take a little breather, take a look at any upcoming opportunities with Hexxed BitHeadz, our lives, everything really.
Another Hexxed BitHeadz Tradition.
Another fun little thing we do here is celebrate by opening some packaged item on our bookshelves. I wouldn’t say we’re much of a collector of things (looks at book shelves). Ok! Until recently we haven’t been much of a collector of things, but we’ve been grabbing these Cyberpunk figures lately. For awhile, we just left them boxed up on the shelves. But then we got Adam Smasher and yes he is HUGE! Like he didn’t fit in anywhere, so we unboxed him first. Then, I passed my OSCP, which I used as a good reason to unbox the 2nd one, when we got our first talk at BSides Las Vegas, we unbox another one there, talk at BSides Buffalo, and finally now, passing OSEP I get to unbox the next one.
Now that ya’ll have seen my best Vanna White impression, I’m out. Gotta figure out who’s to unpack, Judy? Solomon? Panam?! Choices, choices…