How much does the OSCP exam cost?

The OSCP exam costs $1499. Includes PEN-200 course + 90-day lab access + 1 exam attempt

How long does it take to prepare for OSCP?

Most candidates spend approximately 300 hours preparing for the OSCP exam.

How long is the OSCP exam?

The OSCP exam is 1440 minutes long.

How long is the OSCP certification valid?

The OSCP certification is a lifetime credential.

🔒 CybersecurityProfessional★ Industry StandardHigh Demand

OSCPOffensive Security Certified Professional

The most respected hands-on penetration testing credential

OffSec

by OffSec

Exam details independently verified January 2026

MyCertPath Score

9.5

/10

How we score →

About this certification

The OSCP is OffSec's flagship certification, requiring candidates to compromise a set of vulnerable machines within a 24-hour performance exam — no multiple choice. It validates real offensive security skills: enumeration, exploitation, post-exploitation, and report writing. OSCP is the industry benchmark for penetration testers.

MyCertPath verdict

Industry gold-standard proof you can actually pentest. The 24-hour hands-on exam plus 24-hour report is what separates 'I have a cert' from 'I can break in and document it.' Required or strongly preferred for serious offensive-security roles. Expect 200–400+ hours of lab time on top of the PEN-200 course.

What it actually tests

24 hours of attack time in a target network — typically one Active Directory chain plus three standalone machines — followed by 24 hours to write the report. Passing requires 70 of 100 points AND a complete report; missing the report fails you regardless of compromises. Buffer overflow was removed in the 2023 PEN-200 refresh; current emphasis is on Active Directory attack paths.

Common traps

Things candidates underestimate or get wrong on this exam.

Underestimating the report. A working exploit without proper documentation is still a fail.
Treating the lab as a checklist. Pivoting, enumeration, and AD attack paths matter more than collecting hosts.
Burning energy at hour 23. Sleep is part of the strategy — many pass after four to six hours of mid-exam rest.
Saving the AD network for last. It's the highest point value and the hardest to recover from late.

What you'll validate

✓Network enumeration and scanning
✓Web application exploitation
✓Buffer overflow exploitation
✓Privilege escalation (Linux + Windows)
✓Active Directory attacks
✓Post-exploitation and pivoting
✓Professional penetration test reporting

Pros & Cons

Advantages

+Industry's most respected offensive security credential
+Performance-based — impossible to fake
+Lifetime validity
+Opens doors to elite penetration testing roles

Disadvantages

−Extremely challenging — high failure rate
−High cost including required course and labs
−24-hour exam is mentally grueling
−Not suitable for beginners

Who it's for

Best for

→Aspiring penetration testers
→Security professionals transitioning to red team roles
→Those serious about offensive security as a career

Not ideal for

×Security beginners (build basics first)
×Those wanting a defensive/blue team credential

Career paths this unlocks

Penetration TesterRed Team OperatorVulnerability ResearcherSecurity Consultant

Study Guide

OSCP Exam Guide: How to Approach the 24-Hour Penetration Test

OSCP is the gold standard entry-level offensive security credential — and one of the hardest exams you can take. There are no multiple-choice questions. You have 24 hours to compromise target machines, and another 24 hours to write a professional penetration test report.

15 min read

Read guide

Study Resources

Affiliate links — we may earn a commission

Top picks for OSCP

🎬 CourseOSCP preparation

Practical Ethical Hacking — The Complete Course

by TCM Security

Udemy

4.8★~$14.99 on sale

📖 Book

The Web Application Hacker's Handbook

Amazon Books

~$39.99

🎟️

Course bundle includes exam attempt — purchase Learn One or Learn Enterprise via OffSec

OffSec Learn →

More places to study

UdemyMost popular

Most popular cert prep courses, often on sale for $14.99

From $14.99Browse courses →

Tutorials DojoTop-rated

Highest-rated practice exams for AWS, Azure, and GCP

From $9.99Get practice exams →

CourseraCertificate included

University-backed courses from Google, IBM, DeepLearning.AI

From $49/moExplore courses →

Whizlabs

Practice tests and hands-on labs for 30+ cert tracks

From $9.95Practice tests →

Amazon Books

Official study guides and exam prep books

From $29.99Shop study guides →

A Cloud Guru

Hands-on cloud sandboxes and cert prep subscriptions

$39/mo or $249/yrStart free trial →

LinkedIn Learning1 month free

1-month free trial — includes 21,000+ cert prep courses

$39.99/mo after trialTry free for 1 month →

MyCertPath earns a commission when you purchase through these links — at no extra cost to you. We only recommend resources we'd stand behind.

Jobs for OSCP holders

OSCP holders report $10k–$30k+ salary uplift on average.

LinkedIn Jobs

Updated daily

Search LinkedIn Jobs →

Indeed

Search Indeed →

Dice (tech roles)

Tech-focused job board

Search Dice →

CyberSeek (cyber only)

NIST-backed supply/demand tool

Explore cybersecurity heat map →

Job links open external sites. Search results are live and not curated by MyCertPath.

Quick Facts

Exam Cost: $1499 (Includes PEN-200 course + 90-day lab access + 1 exam attempt)
Exam Duration: 1440 minutes
Passing Score: 70/100 points
Exam Format: Performance-Based (hands-on)
Study Time: ~300 hours
Validity: Lifetime
Salary Impact: Strong ($10k–$30k+ uplift reported)
Last Verified: January 2026

Official exam page ↗

Prerequisites

!Solid networking and Linux fundamentals
!Basic scripting knowledge (Python/Bash)
!Familiarity with security concepts

Provider