Sign in Subscribe
OSCE3 Offsec

OSCE3: Ton Tac's Adventure

Nothing

3 min read
OSCE3: Ton Tac's Adventure

Back when I first started learning about cybersecurity, I never imagined I’d one day earn the OSCE3 certification. In those early days, I was just using tools without really understanding how they worked under the hood. Everything felt overwhelming, and the deeper concepts seemed out of reach.

OSCP: The first step

💡
The first step is always the most difficult

I started learning OSCP with just a basic understanding of networking, programming, and web hacking. It ended up being the longest and most challenging course I’ve taken on this journey—but also the one where I learned the most: Tunnel, Poviting, File Transfer, ...

You can find some resources from my colleague's post

How I passed OSCP with “2 times”
In this blog, I will share my journey of overcoming OSCP. I will be documenting my experience to prepare for the OSCP as well as my exam day experience with the experience of a newbie and 2 times 😵 (so expensive with anyone failed). I can only sum it up in
TeamTonTacOr4nge16

OSWE: As easy as pie

Before diving into cybersecurity, I had already been a programmer, which gave me a strong foundation. As a result, I didn’t face many difficulties when preparing for the OSWE. With the developer and hacker mindset, I was able to pass the exam in about 10 hours. It was a rewarding experience that reinforced how valuable a solid programming background can be in offensive security.

You can find some resources from my colleague's post

OSWE Journey
First of all, I would like to thank you for being here to listen to me share my journey. Have a great day! Overview 1. The starting point 2. The preparation 3. The exam 4. Some advice I. The starting point I am not a professional CTF player or someone
TeamTonTacerr!=nil

OSEP: Why and How

💡
Whyyyyy !!!!!!!!!!!!!!!

I remember that while learning new modules, I constantly had questions, wondering why something worked or didn’t work. Often, the issues came down to simple things: a version difference, the wrong context, or even a missing “/” at the end. Despite the challenges, the labs and the exam were genuinely fun, and I truly enjoyed the learning process.

You can read a detailed review here:

How to pass OSEP for the first time
How I passed OSEP on the first attempt
TeamTonTacNothing

OSED: The biggest fear

💡
ROP chain is art, and the exploiter is artist

When I first started, I had no experience with reversing, buffer overflows, or low-level coding. The world of binaries felt completely different from web hacking—it was like learning a new language. In the first month, I kept misreading values on the stack and struggled to grasp the flow.

To push myself, I set an exam date before I even started learning. It was a bold move, but it kept me motivated. In the end, I made it through and passed.

Along the way, I even tried cracking some software to apply what I learned, and for fun, I managed to crack Caido. That moment was both satisfying and a great reminder of how far I'd come.

Final Thought

When I took this picture, I never imagined I would one day achieve OSCE3.

But when I finally received it, I didn’t feel as excited as I thought I would. In the end, it’s just a certificate—a piece of paper. What truly matters is the knowledge I’ve gained and the hands-on experience I’ve gained along the way. That’s the real achievement. So, I’ve learned to enjoy every step of the journey, not just the destination.