Blog
News and updates from OffSec
Apr 14, 2020
The AWAE/OSWE Journey: A Review
Donavan Cheah gives us some of his thoughts on the subject of penetration testing, and his journey with the AWAE course in particular.

Kali Linux
Customizing Kali Linux
One of the designers on the Kali Linux team shares his top tips and tools to customize Kali Linux. Dig in under the hood with Daniel Ruiz de Alegría.
Mar 31, 2020
12 min read

Web App Security
Attacking the Web: The Offensive Security Way
OffSec student 0xklaue wrote this review of Advanced Web Attacks and Exploitation and the OSWE exam. Find out how to prepare and what you need to know.
Mar 24, 2020
8 min read

Enterprise Security
Playbook for Running a Global Work-from-Home Company
With people located in over 24 countries, we’ve been working from our homes since our founding in 2006. Here are five tips on how to run a distributed team effectively.
Mar 17, 2020
11 min read

Insights
Information Security Training Paths at OffSec
Find out where to start with OffSec’s information security training courses. We outline our learning paths to certification and career development.
Mar 12, 2020
7 min read

Penetration Testing
PWK: All New for 2020
Penetration Testing with Kali Linux (PWK) has gotten a massive overhaul for 2020. Find out what’s new in Offensive Security’s foundational pentesting course.
Feb 11, 2020
6 min read

Community Spotlight
Student Spotlight: Mindset and Community with Suhyun Smith, OSCP
Learn how dedication, mindset, and community empowered Suhyun Smith in her OSCP certification journey, and get her tips for success.
Jan 7, 2020
4 min read

Community Spotlight
Student Spotlight: Meet Mihai, a 16 year old OSCP holder
Meet Mihai, a 16-year-old OSCP holder and PWK graduate out of Romania. Read more about his tremendous start and journey into infosec.
Dec 10, 2019
3 min read

Community Spotlight
Student Spotlight: Flood Survivor and OSCP Graduate
OffSec student Christopher M Downs takes trying harder to another level: completing (and passing) his OSCP exam in the middle of a New Orleans flood. Read more about Christopher’s inspiring journey.
Nov 27, 2019
4 min read

Community Spotlight
My OSCP Guide: A Philosophical Approach
Samuel Whang, a PWK graduate, details his recommendations and a unique philosophical approach for those looking to pursue their OSCP. This article originally appeared on Sep 24, 2019, posted by Samuel Whang. It has been posted with minor edits, with permission from the author. Original post: https://medium.com/@klockw3rk/my-oscp-guide-a-philosophical-approach-a98232bc818
Oct 17, 2019
4 min read

Web App Security
Understanding the Fundamentals of Securing Web Applications
Web application security can be a rewarding career path. However, the web application security space, and cybersecurity industry as a whole, lives in a constant state of change. An unrelenting curiosity and passion for lifelong learning is mandatory for anyone seeking to specialize in this niche. Here are some fundamentals to help you pursue these skills.
Oct 8, 2019
7 min read

Research & Tutorials
Analyzing a Creative Attack Chain Used to Compromise a Web Application
In this piece, we’ll analyze a creative scenario where a malicious actor can use an attack chain to exploit a web application via Simple Network Management Protocol (SNMP) > Cross-site scripting (XSS) > Remote Code Execution (RCE).
Sep 3, 2019
5 min read

Enterprise Security
5 Best Practices for Web Application Security
When it comes to web application security, there are many measures you can implement to reduce the chances of an intruder stealing sensitive data, injecting malware into a webpage, or public defacement. As more and more organizations transition their business operations to web applications, security in the development process can no longer be an afterthought. Whether it’s a code injection, privilege escalation, DDoS attack, or a vulnerable element, bad actors are constantly looking for creative ways to manipulate exploits for personal gain. We’ve rounded up our top five (5) best practices to help you fortify your application security.
Aug 20, 2019
6 min read