Skip to content

Commit

Permalink
Mention that Ronin is allowed on the OSCP Exam.
Browse files Browse the repository at this point in the history
* Ronin **does not** provide any "automatic exploitation" functionality,
  which can both find a vulnerability and automatically exploit it.
* I have emailed OSCP and they confirmed this definition of "automatic
  exploitation", which does not apply to Ronin.

> Subject: [OffSec] Re: clarification on banned tools
> From: Support <[email protected]>
>
> ##- Please type your reply above this line -##
>
> Hi Postmodern,
> This message (287391) has been updated. To add additional comments, please reply to this email.
>
> ----------------------------------------------
>
> Offensive Security, Nov 9, 2023, 08:24 UTC
>
> Hello,
>
> Thank you for your email.
>
> If a tool is capable of automatically discovering and exploiting vulnerabilities on a target machine resulting in automatic remote access or escalated privileges without effort or enumeration, it can be considered a restricted tool.
>
> To further elaborate on the above, we highly recommend reading the below blog post regarding automated exploitation tools.
> - Understanding the tools/scripts you use in a Pentest
>
> Furthermore, please also keep in mind that there are many tools and unfortunately, we are unable to comment on all of them. Therefore, it is up to the student to determine if their chosen tool or script falls under a restricted category. This also demonstrates that you understand what the tool is doing and how it works.
>
> Keep us updated if you require any additional information.
>
> Sincerely,
> The OffSec Team
> www.offsec.com
  • Loading branch information
postmodern committed Nov 19, 2023
1 parent f027ebf commit a934d59
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions faq/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -139,6 +139,17 @@ it is extremely easy to write your own exploits using
[ronin-exploits](https://github.com/ronin-rb/ronin-exploits#examples)
and distribute them via [3rd party repositories](#3rd-party-repositories).

### Can I use Ronin on the OSCP?

Yes! The [OSCP Exam Guide] states that tools which performs "automatic
exploitation" (meaning the tool can both find a vulnerability and automatically
exploit it), which includes tools such as Metasploit or SQLmap.

[OSCP Exam Guide]: https://help.offsec.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide#exam-restrictions

Ronin **does not** provide any automatic exploitation functionality, therefor
it should be safe to use Ronin on the OSCP exam.

## 3rd party repositories

### What is a 3rd party repository?
Expand Down

0 comments on commit a934d59

Please sign in to comment.