
Jul 11, 2019
Come see OffSec at BlackHat in Vegas
For those planning on attending Black Hat in Las Vegas on August 3-8, come stop by our booth (#2604) in the Business Hall — which will be available August 7-8. Members from many different teams of OffSec will be there and would love to meet you! Rumors are swirling that we’ll also be handing out special Challenge Coins to visitors that Try Harder… so make sure to stop by.
OffSec Booth
For those planning on attending Black Hat in Las Vegas on August 3-8, come stop by our booth (#2604) in the Business Hall — which will be available August 7-8. Members from many different teams of OffSec will be there and would love to meet you! Rumors are swirling that we’ll also be handing out special Challenge Coins to visitors that Try Harder… so make sure to stop by.
Trainings & Workshops
We’ll also be conducting several different trainings from August 3-6, and we hope to see you at those as well. Unfortunately these have already sold out, but you can find the attached workshops below. If you’re unable to attend a training — we’ll miss you! — you can always sign up for an Offensive Security course here.
Black Hat Workshops:
- Advanced Web Attacks and Exploitation
- Advanced Windows Exploitation
- Penetration Testing with Kali Linux
If you haven’t purchased tickets yet for Black Hat…don’t worry, you can still purchase them here.
Stay in the know: Become an OffSec Insider
Get the latest updates about resources, events & promotions from OffSec!
Latest from OffSec

Research & Tutorials
CVE-2024-39914 – Unauthenticated Command Injection in FOG Project’s export.php
Discover details about CVE-2024-39914, a critical unauthenticated command injection vulnerability in FOG Project ≤ 1.5.10.34. Learn how attackers can exploit export.php to execute system commands or deploy persistent webshells.
Jun 26, 2025
2 min read

OffSec News
What It Really Means to “Try Harder”
Discover how OffSec’s “Try Harder” mantra evolved into a mindset, and how it helps learners build grit, creativity, and real-world problem-solving skills.
Jun 23, 2025
7 min read

Research & Tutorials
CVE-2025-3248 – Unauthenticated Remote Code Execution in Langflow via Insecure Python exec Usage
CVE-2025-3248 is a critical RCE vulnerability in Langflow that allows unauthenticated attackers to execute arbitrary Python code via unsanitized input to exec(). Learn how it works and how to protect your system.
Jun 18, 2025
2 min read