Student Spotlight: Meet Mihai, a 16 year old OSCP holder

Editor’s Note: Per our FAQ, the minimum age for an Offensive Security student is 18. However, under specific circumstances with explicit parental permission, Offensive Security waives the age requirement for select students. This post has been published with the explicit approval of both Mihai as well as his guardians.

Meet Mihai, a high school student out of Romania who is involved in all of the outside extracurriculars you would normally expect out of any teenager. However, at age 16, one massive accomplishment separates him apart from his peers: he’s an OSCP certification holder and graduate of the Penetration Testing with Kali Linux course.

Being one of the youngest students to ever receive an OSCP is no feat to scoff at.

There’s a reason why the OSCP certification so highly valued among employers: it’s because it’s challenging to complete. As the saying goes, you don’t buy an OffSec certification, you earn it. Even moderate to advanced cybersecurity folks struggle mightily with our courses.

So when a 16-year-old applied for special permission to take the PWK course (and the exam), it caught our attention. When we decided to look back into our student archives, we found only a handful of sub-18-year-old students to successfully complete the PWK course and receive their OSCP. It’s an extremely rare and unique achievement.

And it’s not like Mihai is some protege who started coding at four years old. In fact, he’s still fairly new to the infosec space. When asked how he first became interested in cybersecurity, here’s what he had to say:

“I really got interested in cybersecurity at the beginning of the 9th grade, when two other classmates and I registered for a capture-the-flag contest named picoCTF (2018 edition). While my colleagues didn’t really like it, I tried solving as many challenges as possible. In the end, my team ranked #692. As you can see, I wasn’t very good in the beginning, but time and persistence helped me get better and get the OSCP certification in under a year.”

One piece of praise we consistently receive from students is the quality of our lab environments. All OffSec labs are designed to put learned techniques from the course curriculum to the test. Mihai agreed:

“My favorite part was the course labs. Besides learning the basics of penetration testing, I also built a rock-solid methodology and learned some tricks which I’m sure will help me.”

When it came to our Try Harder motto, Mihai raved about the impact it’s had on his life outside of InfoSec:

“I believe there are a lot of interpretations of the ‘Try Harder’ mindset. For me, it means that every problem can be solved given enough time and attention. It’s more of a rule to live by. It surely helped me outside cybersecurity. One example that pops up in my mind is learning to play the guitar. Every song seems hard at first, but with enough time and dedication, it becomes easier and easier until you get to the point where you can play it in your sleep.”

When it comes to Mihai’s story, there are many inspiring takeaways. However, one thing stands out: don’t let age deter you from following your passions. Whether it’s information security or an outside hobby, pursue your passions regardless of the norm. One of Offensive Security’s goals is to make the cybersecurity industry more inclusive: with focuses on gender norms, age differences, and ethnic backgrounds.

If you’re a student below the age of 18 and you’re interested in taking an Offensive Security course, reach out to us and we’ll discuss with you potential arrangements.

Mihai tried harder. And for that, we are proud of him.