Blog
News and updates from OffSec

Nov 4, 2022
17 min read
Staged Payloads from Kali Linux | PT Phone Home – PHP
Tristram shows you how to host a PHP web page on Kali Linux and how you can use it to stage payloads that are hidden behind a wall of conditional access requirements.

Cloud Security
See Yourself in Cyber with OffSec: Cloud Security
As part of Cybersecurity Awareness Month 2022, we share our insights on starting a career in cloud security, together with key skills, prerequisites, career outlook, and much more.
Oct 31, 2022
7 min read

Web App Security
See Yourself in Cyber with OffSec: Web Application Security
As part of Cybersecurity Awareness Month 2022, we share a complete guide to starting a career in web application security with insight into career outlook, essential skills, and much more.
Oct 21, 2022
8 min read

OffSec News
Q3 Community Update | OffSec Academy, New Content, Giving Program
Welcome to OffSec’s Q3 community update! This post discusses the launch of our Giving Program, new content, OffSec Academy, and much more.
Oct 14, 2022
10 min read

Security Operations
See Yourself in Cyber with OffSec: Security Operations
As part of Cybersecurity Awareness Month 2022, we share a complete guide to starting a career in security operations and defense.
Oct 12, 2022
8 min read

Penetration Testing
See Yourself in Cyber with OffSec: Penetration Testing
As part of Cybersecurity Awareness Month 2022, we share a complete guide to starting a career as a penetration tester.
Oct 4, 2022
9 min read

Research & Tutorials
In the Hunt for the macOS AutoLogin Setup Process
OffSec’s Csaba Fitzl shares how he reverse-engineered the macOS auto-login process, including the walls he hit, and the times he resorted to trial-and-error approaches.
Sep 23, 2022
14 min read

Kali Linux
Staged Payloads from Kali Linux | PT Phone Home – DNS
In part one of this post, Tristram teaches you how to use TXT records to stage payloads that can be retrieved through DNS lookups.
Sep 15, 2022
30 min read

Enterprise Security
The Importance of Skilled Security Practitioners: How Security Skillfulness Reflects on Your Security Posture
Read about how the skillfulness of your security practitioners can impact your overall cybersecurity program and posture.
Sep 12, 2022
3 min read

Exploit Development
Bypassing Intel CET with Counterfeit Objects
In this blog, we’ll briefly cover how CFI mitigations work, including CET, and how we can leverage COOP to effectively bypass Intel CET on the latest Windows releases.
Aug 25, 2022
13 min read

Community Spotlight
Offensive Security Online Community BBQ Event
Join our OffSec BBQ event for the chance to win some swag! Make your favorite BBQ meal and share photos on Discord. The pic with the most yums will be the winner.
Aug 19, 2022
11 min read

OffSec News
OSCP Bonus Points Update: Sunsetting PEN-200 Legacy Course Exercises and a New Way to Achieve Points!
Announcing changes to achieving OSCP Bonus Points and sunsetting of the PEN-200 legacy course exercises.
Aug 3, 2022
5 min read

Research & Tutorials
Introduction to Car Hacking: The CAN Bus
The CAN bus (Controller Area Network bus) is a central network over which a vehicle communicates with its components. A vehicle has many functions that operate via electrical signals: the car has door locks, a speedometer, a gas gauge, controls for the brakes, controls for the gas pedal, and many, MANY more.
Aug 1, 2022
21 min read