The “Offensive Security Certified Expert” (OSCE)is earned by passing an extraordinary exam after the “Cracking The Perimeter”-course. The OSCP(Offsensive Security Certified Professional) is strongly focused on pentesting. The OSCE is compared to the OSCP more about writing exploits. Students learn about exploiting web vulnerabilities, Anti-Virus-evasion, Fuzzing, Buffer Overflows and exploiting network vulnerabilities. After the course I was very proficient in using a debugger like Immunity Debugger or OllyDBG. The OSCE course is different than the OSCP. In the OSCP you have a big lab to practice and this guides you what you have to learn and figure out by yourself. In the OSCE there are a couple of machines and some exercises. You have to find out by your self how to get a deep understanding of the methods that are used in those exercises.
The 48 hour exam was very hard for me. Even though I found some sleep, I really needed most of the time to solve the exercises. In the end I passed the exam on my first attempt. My recommendations for people who want to pass the OSCE are: do the OSCP first because it prepares you for the OSCE. Go through the SLAE32 for practicing assembler and shellcoding. During and after the course practice a lot and think about variations of the methods and exploits so that you get a very deep understanding of each course module.
