Navigating the registration process for the OSCP's PwK Course

January 28th at 9:05am

I've signed up to take the Penetration Testing with Kali Linux course from Offensive Security and want to make a few notes for other would-be course takers on the process to get registered.

The registration process asks for all the basic information you would expect from a sign-up portal (Name, Address, Email) with a twist that the primary email address can't be a 'free' or ISP provided email address. They ask that the address be "...from a domain that is owned by you or your employer, such as a company, university, or personal domain." and that "Email addresses from Internet Service Providers (ISP) or free email providers such as Hotmail or Gmail (including paid versions), are not accepted..."

(Screen cap of the email requirements from the sign up page)


Paradoxically enough, they ask for a second 'personal' email address during the sign-up which did not allow me to use an email on another (different) pesonal domain. I ended up HAVING to use a gmail address here (or alternatively some other free email service) where I would have preferred to keep the emails on my own systems.

After submitting your initial request for registration it can take up to 24 hours for someone to contact you and get you started on the next phase of the sign up process. In my case I got an email back letting me know that the personal domain/email address that I had used to sign up did not their registration criteria since they couldn't validate my identity, which was a surprise since I had the domain registered for a number of years with the whois contact information clearly showing my name and address.

My thinking is that they are expecting a 'corporate' domain for the primary email that is registered to a business. In my email back-and-forth with their support team they let me know that use the website attached to the domain to do identity validation. Since I had failed this process (the personal email domain I used had no 'valid' website attached to it) I had to send in a redacted picture of my State ID.

A suggestion I have for anyone taking the course is to ensure the email you use has a website attached with information about yourself (if you are going down the 'personal domain' route) or to use your employer's provided email address. They do require that your REAL name (or a part of it) be visible in the email address.

I'm excited to take the course (Starting mid-february) and wish any other course takers the best!