
Sep 4, 2024
Everything you need to know about the OSCP+
We’re sharing all of the important information related to the OSCP+ so you can know what this means for past, current and future learners.
OffSec is announcing some updates to the OSCP exam which, effective November 1, 2024, will result in the addition of a “+” designation for newly certified OSCP holders. That means, upon passing the exam, you’ll receive two certifications: OSCP+ and OSCP.
The OSCP+ certification will differ from the existing OSCP certification in only one way–it will expire three (3) years from issuance, whereas your OSCP certification does not expire. If you allow your OSCP+ to expire, you will still have your OSCP.
Individuals who currently hold an OSCP certification, who pass the OSCP exam before November 1, 2024, or who decide not to maintain an OSCP+ certification after it expires, will have their OSCP certification remain valid for life. Their credential remains a valuable and respected indicator of their skills and knowledge. While it doesn’t carry the + designation, the OSCP certification still represents a strong foundation in cybersecurity.
To learn more about these changes you can:
- Read the help center article
- Join us for a Q&A webinar on Friday, September 6 at 9am ET
- Join us for Discord Office Hours on Friday, September 6 at 1pm ET
- Review this YouTube overview video from Tyler Ramsbey
- Read this X post with a video from @0xTib3rius
Thanks to our community members for your continued passion and support for the OSCP and OffSec.
Stay in the know: Become an OffSec Insider
Get the latest updates about resources, events & promotions from OffSec!
Latest from OffSec

Research & Tutorials
CVE-2024-39914 – Unauthenticated Command Injection in FOG Project’s export.php
Discover details about CVE-2024-39914, a critical unauthenticated command injection vulnerability in FOG Project ≤ 1.5.10.34. Learn how attackers can exploit export.php to execute system commands or deploy persistent webshells.
Jun 26, 2025
2 min read

OffSec News
What It Really Means to “Try Harder”
Discover how OffSec’s “Try Harder” mantra evolved into a mindset, and how it helps learners build grit, creativity, and real-world problem-solving skills.
Jun 23, 2025
7 min read

Research & Tutorials
CVE-2025-3248 – Unauthenticated Remote Code Execution in Langflow via Insecure Python exec Usage
CVE-2025-3248 is a critical RCE vulnerability in Langflow that allows unauthenticated attackers to execute arbitrary Python code via unsanitized input to exec(). Learn how it works and how to protect your system.
Jun 18, 2025
2 min read