From a934d592b8ab21c4302fc03449395107ebd99322 Mon Sep 17 00:00:00 2001
From: Postmodern <postmodern.mod3@gmail.com>
Date: Sun, 19 Nov 2023 01:19:21 -0800
Subject: [PATCH] Mention that Ronin is allowed on the OSCP Exam.

* Ronin **does not** provide any "automatic exploitation" functionality,
  which can both find a vulnerability and automatically exploit it.
* I have emailed OSCP and they confirmed this definition of "automatic
  exploitation", which does not apply to Ronin.

> Subject: [OffSec] Re: clarification on banned tools
> From: Support <challenges@offensive-security.com>
>
> ##- Please type your reply above this line -##
>
> Hi Postmodern,
> This message (287391) has been updated. To add additional comments, please reply to this email.
>
> ----------------------------------------------
>
> Offensive Security, Nov 9, 2023, 08:24 UTC
>
> Hello,
>
> Thank you for your email.
>
> If a tool is capable of automatically discovering and exploiting vulnerabilities on a target machine resulting in automatic remote access or escalated privileges without effort or enumeration, it can be considered a restricted tool.
>
> To further elaborate on the above, we highly recommend reading the below blog post regarding automated exploitation tools.
> - Understanding the tools/scripts you use in a Pentest
>
> Furthermore, please also keep in mind that there are many tools and unfortunately, we are unable to comment on all of them. Therefore, it is up to the student to determine if their chosen tool or script falls under a restricted category. This also demonstrates that you understand what the tool is doing and how it works.
>
> Keep us updated if you require any additional information.
>
> Sincerely,
> The OffSec Team
> www.offsec.com
---
 faq/index.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/faq/index.md b/faq/index.md
index db6af722..17fa1b3f 100644
--- a/faq/index.md
+++ b/faq/index.md
@@ -139,6 +139,17 @@ it is extremely easy to write your own exploits using
 [ronin-exploits](https://github.com/ronin-rb/ronin-exploits#examples)
 and distribute them via [3rd party repositories](#3rd-party-repositories).
 
+### Can I use Ronin on the OSCP?
+
+Yes! The [OSCP Exam Guide] states that tools which performs "automatic
+exploitation" (meaning the tool can both find a vulnerability and automatically
+exploit it), which includes tools such as Metasploit or SQLmap.
+
+[OSCP Exam Guide]: https://help.offsec.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide#exam-restrictions
+
+Ronin **does not** provide any automatic exploitation functionality, therefor
+it should be safe to use Ronin on the OSCP exam.
+
 ## 3rd party repositories
 
 ### What is a 3rd party repository?