Find OffSec training for your cybersecurity role or area of responsibility

The OffSec Learning Library has training for over ten cybersecurity job roles, and areas of responsibility. No matter your area of expertise, OffSec provides continuous learning training for any cybersecurity role.

Security Essentials Training

Develop fundamental cybersecurity skills through hands-on exercises, learning to identify vulnerabilities, mitigate risks, and defend against cyber attacks. Gain a comprehensive understanding of core security principles, essential tools, and best practices to protect systems and data.

Learning Paths (0)

Cloud Engineer & DevSecOps Training

Secure cloud computing environments against cyber threats and ensure these systems comply with various regulatory standards including integrating security in every phase of software development and operations.

Software Developer Training

Responsible for creating computer software, software developers conceptualize software solutions, write and test code, and ensure that the final product meets the needs of users.

IT Generalist Training

Keep systems updated with the latest software, and offer technical support to both in-house and remote users. IT generalists continually monitor network security, evaluate existing security programs, update antivirus software, and run scans to ensure network integrity.

Learning Paths (15)

Secure Software Development

Secure Software Development

Practical approach to integrating security into software design and implementation, vital for protecting digital assets.

Integrating Security into Software Development

Integrating Security into Software Development

Integrate security into every phase of the software development lifecycle from coding to deployment.

Practical Approach to Secure Software Development

Practical Approach to Secure Software Development

Fortify web applications and explore proven techniques to safeguard software and systems.

Intermediate Secure Development

Intermediate Secure Development

Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.

OffSec OWASP Top 10

OffSec OWASP Top 10

Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.

Exploit Development Essentials

Exploit Development Essentials

Teaches the basics of various operating systems and their vulnerabilities. Including, essential scripting skills with Python, Bash, and other tools. In addition, students learn techniques for analyzing and writing exploits.

Security Operations Essentials

Security Operations Essentials

Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.

Network Penetration Testing Essentials

Network Penetration Testing Essentials

Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.

MITRE ATT&CK Training

MITRE ATT&CK Training

Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!

MITRE D3FEND Training

MITRE D3FEND Training

3 learning paths that Build your team's defensive skill sets and address cybersecurity countermeasure components and capabilities for these three techniques.

Internet of Things (IoT) Training

Internet of Things (IoT) Training

Embark on a journey into the world of embedded systems and gain a holistic understanding of their design, components, and inner workings.

Web System Administration

Web System Administration

Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path

Windows System Administration

Windows System Administration

Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.

UNIX System Administration

UNIX System Administration

Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor. 

DevSecOps Essentials

DevSecOps Essentials

Master threat hunting fundamentals to protect your organization. Learn threat actor analysis, network/endpoint investigation, custom hunting techniques and more.

Network Penetration Tester Training

Simulate cyber attacks on computer systems, networks, or applications in a controlled environment. In order to identify vulnerabilities and weaknesses to assess the security posture of a target system. Pen testers help organizations understand and rectify their vulnerabilities before malicious hackers can exploit them.

Web Application Tester Training

Web application testers conduct tests on software applications, network hardware, and cloud-based systems to identify vulnerabilities.

Exploit Developer/Security Researcher/Threat Intelligence Training

An exploit developer (aka: Security researcher, aka: Threat Intelligence) is an individual who identifies and investigates vulnerabilities in software or systems with the intent of enhancing security. Once a vulnerability is discovered, the exploit developer writes code, known as an "exploit," to demonstrate how the vulnerability can be taken advantage of. This code serves as a proof-of-concept to validate the existence and potential impact of the vulnerability.

SOC Analyst Training

As a Security Operations Center (SOC) analyst, you are responsible for monitoring, detecting, and responding to cybersecurity threats and incidents within an organization. SOC analysts are at the front lines of an organization's defense against cyberattacks and play a pivotal role in maintaining its overall security posture.

Digital Forensics & Incident Responder (DFIR) Training

Manage and mitigate security incidents within an organization. Identify, assess, and respond to security breaches, cyberattacks, or other incidents that could potentially compromise the confidentiality, integrity, or availability of an organization's data and systems.

Threat Hunter Training

Proactively and methodically search through computer networks, endpoints, and datasets of organizations to detect and isolate advanced threats that conventional security solutions might miss.

System Administrator Training

A system administrator manages and maintains the daily operations of computer systems and networks, ensuring that hardware and software function smoothly and efficiently. They play a crucial role in implementing and enforcing cybersecurity measures to protect data from unauthorized access and cyber threats. This focus on cybersecurity is vital because it safeguards sensitive information and maintains the integrity and reliability of the technological infrastructure on which organizations depend.

Learning Paths (13)

Secure Software Development

Secure Software Development

Practical approach to integrating security into software design and implementation, vital for protecting digital assets.

Integrating Security into Software Development

Integrating Security into Software Development

Integrate security into every phase of the software development lifecycle from coding to deployment.

Practical Approach to Secure Software Development

Practical Approach to Secure Software Development

Fortify web applications and explore proven techniques to safeguard software and systems.

Intermediate Secure Development

Intermediate Secure Development

Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.

OffSec OWASP Top 10

OffSec OWASP Top 10

Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.

Exploit Development Essentials

Exploit Development Essentials

Teaches the basics of various operating systems and their vulnerabilities. Including, essential scripting skills with Python, Bash, and other tools. In addition, students learn techniques for analyzing and writing exploits.

Security Operations Essentials

Security Operations Essentials

Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.

Network Penetration Testing Essentials

Network Penetration Testing Essentials

Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.

MITRE ATT&CK Training

MITRE ATT&CK Training

Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!

MITRE D3FEND Training

MITRE D3FEND Training

3 learning paths that Build your team's defensive skill sets and address cybersecurity countermeasure components and capabilities for these three techniques.

Web System Administration

Web System Administration

Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path

Windows System Administration

Windows System Administration

Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.

UNIX System Administration

UNIX System Administration

Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor.