Find OffSec training for your cybersecurity role or area of responsibility
The OffSec Learning Library has training for critical cybersecurity job roles. No matter your area of expertise, OffSec provides continuous training to keep your organization secure.
Offensive Security
Defensive Security
Secure Development
IT Team cybersecurity
Entry-level
Essentials
Intermediate
Advanced
= Course Certification
= Learning Path Badge
Security Essentials Training
Develop fundamental cybersecurity skills through hands-on exercises, learning to identify vulnerabilities, mitigate risks, and defend against cyber attacks. Gain a comprehensive understanding of core security principles, essential tools, and best practices to protect systems and data.
Cloud Engineer & DevSecOps Training
Secure cloud computing environments against cyber threats and ensure these systems comply with various regulatory standards including integrating security in every phase of software development and operations.
Learning Paths (5)
Introduction to Cloud Security
Understand and apply the fundamentals of cloud security, from Cloud Architecture and Container Technology to mastering essential security controls.
Cloud Essentials Security Training
Strengthen your cloud security proficiency with an emphasis on secure cloud practices. Develop a security-centric understanding of essential cloud technologies to confidently tackle real-world cloud challenges.
Offensive Cloud Foundations
Learn to outsmart attackers and proactively defend your cloud assets in this learning path. Delve into sophisticated cloud penetration testing, CI/CD pipeline exploitation, and container escape techniques.
GitOps Essentials
Use Git effectively, build security perspectives on Git, and practice Git hands-on. Whether you're a developer, DevOps engineer, security engineer, or in another technical role, you'll benefit from a solid understanding of Git.
DevSecOps Essentials
Modern development demands security integrated into DevOps processes. Automate infrastructure with security in mind, optimize workflows, and accelerate software delivery.
Software Developer Training
Responsible for creating computer software, software developers conceptualize software solutions, write and test code, and ensure that the final product meets the needs of users.
Learning Paths (5)
Introduction to Secure Software Development
Practical approach to integrating security into software design and implementation, vital for protecting digital assets.
Secure Software Development Essentials
Integrate security into every phase of the software development lifecycle from coding to deployment.
Intermediate Secure Software Development I
Fortify web applications and explore proven techniques to safeguard software and systems.
Intermediate Secure Software Development II
Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.
OWASP Top 10 - 2021 Essentials
Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.
IT Generalist Training
Keep systems updated with the latest software, and offer technical support to both in-house and remote users. IT generalists continually monitor network security, evaluate existing security programs, update antivirus software, and run scans to ensure network integrity.
Learning Paths (15)
Introduction to Secure Software Development
Practical approach to integrating security into software design and implementation, vital for protecting digital assets.
Secure Software Development Essentials
Integrate security into every phase of the software development lifecycle from coding to deployment.
Intermediate Secure Software Development I
Fortify web applications and explore proven techniques to safeguard software and systems.
Intermediate Secure Software Development II
Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.
OWASP Top 10 - 2021 Essentials
Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.
Exploit Development Essentials
Teaches the basics of various operating systems and their vulnerabilities. Including, essential scripting skills with Python, Bash, and other tools. In addition, students learn techniques for analyzing and writing exploits.
Security Operations Essentials
Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.
Network Penetration Testing Essentials
Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.
MITRE ATT&CK Training
Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!
MITRE D3FEND Training
3 learning paths that Build your team's defensive skill sets and address cybersecurity countermeasure components and capabilities for these three techniques.
Internet of Things (IoT) Essentials
Embark on a journey into the world of embedded systems and gain a holistic understanding of their design, components, and inner workings.
Web System Administration Foundations
Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path
Windows System Administration Foundations
Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.
UNIX System Administration Foundations
Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor.
DevSecOps Essentials
Modern development demands security integrated into DevOps processes. Automate infrastructure with security in mind, optimize workflows, and accelerate software delivery.
Network Penetration Tester Training
Simulate cyber attacks on computer systems, networks, or applications in a controlled environment. In order to identify vulnerabilities and weaknesses to assess the security posture of a target system. Pen testers help organizations understand and rectify their vulnerabilities before malicious hackers can exploit them.
Courses (3)
PEN-200
Penetration Testing with Kali Linux
Introduce penetration testing methodology, tools, and techniques in a hands-on, self-paced environment.
OSCP & OSCP+ Certification
PEN-210
Foundational Wireless Network Attacks
Audit and secure wireless devices and is a foundational course alongside PEN-200 and benefits those who would like to gain more skills in network security.
OSWP Certification
PEN-300
Advanced Evasion Techniques and Breaching Defenses
Perform advanced penetration tests against mature organizations and focus on bypassing advanced security mechanisms.
OSEP Certification
Learning Paths (4)
Network Penetration Testing Essentials
Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.
Red Teaming
Learn advanced techniques to emulate real-world adversaries. Master event tracing, obscure Windows event logs, and execute stealthy process injection to refine your Red Team arsenal.
Offensive Cloud Foundations
Learn to outsmart attackers and proactively defend your cloud assets in this learning path. Delve into sophisticated cloud penetration testing, CI/CD pipeline exploitation, and container escape techniques.
MITRE ATT&CK Training
Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!
Web Application Tester Training
Web application testers conduct tests on software applications, network hardware, and cloud-based systems to identify vulnerabilities.
Courses (2)
WEB-200
Foundational Web Application Assessment with Kali Linux
Discover and exploit common web vulnerabilities on modern applications and exfiltrate sensitive data from applications.
OSWA Certification
WEB-300
Advanced Web Attacks and Exploitation
Learn the skills needed to conduct white box web app penetration tests.
OSWE Certification
Exploit Developer/Security Researcher/Threat Intelligence Training
An exploit developer (aka: Security researcher, aka: Threat Intelligence) is an individual who identifies and investigates vulnerabilities in software or systems with the intent of enhancing security. Once a vulnerability is discovered, the exploit developer writes code, known as an "exploit," to demonstrate how the vulnerability can be taken advantage of. This code serves as a proof-of-concept to validate the existence and potential impact of the vulnerability.
Courses (3)
EXP-301
Windows User Mode Exploit Development
Learn the basics of modern exploit development and security research. Start with basic buffer overflow attacks and crack the critical security mitigation protecting enterprises.
OSED Certification
EXP-312
Advanced macOS Control Bypasses
An offensive logical exploit development course for macOS, focusing on local privilege escalation and bypassing the operating system’s defenses.
OSMR Certification
EXP-401
Advanced Windows Exploitation
Offensive logical exploit development course for macOS, focusing on local privilege escalation and bypassing the operating system’s defenses.
OSEE Certification
SOC Analyst Training
As a Security Operations Center (SOC) analyst, you are responsible for monitoring, detecting, and responding to cybersecurity threats and incidents within an organization. SOC analysts are at the front lines of an organization's defense against cyberattacks and play a pivotal role in maintaining its overall security posture.
Learning Paths (5)
Security Operations Essentials
Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.
Web System Administration Foundations
Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path
Windows System Administration Foundations
Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.
UNIX System Administration Foundations
Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor.
Vulnerability Management Foundations
Strengthen your organization's security posture with OffSec's hands-on vulnerability management training. Learn to proactively identify and mitigate risks.
Digital Forensics & Incident Responder (DFIR) Training
Manage and mitigate security incidents within an organization. Identify, assess, and respond to security breaches, cyberattacks, or other incidents that could potentially compromise the confidentiality, integrity, or availability of an organization's data and systems.
Threat Hunter Training
Proactively and methodically search through computer networks, endpoints, and datasets of organizations to detect and isolate advanced threats that conventional security solutions might miss.
System Administrator Training
A system administrator manages and maintains the daily operations of computer systems and networks, ensuring that hardware and software function smoothly and efficiently. They play a crucial role in implementing and enforcing cybersecurity measures to protect data from unauthorized access and cyber threats. This focus on cybersecurity is vital because it safeguards sensitive information and maintains the integrity and reliability of the technological infrastructure on which organizations depend.
Learning Paths (13)
Introduction to Secure Software Development
Practical approach to integrating security into software design and implementation, vital for protecting digital assets.
Secure Software Development Essentials
Integrate security into every phase of the software development lifecycle from coding to deployment.
Intermediate Secure Software Development I
Fortify web applications and explore proven techniques to safeguard software and systems.
Intermediate Secure Software Development II
Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.
OWASP Top 10 - 2021 Essentials
Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.
Exploit Development Essentials
Teaches the basics of various operating systems and their vulnerabilities. Including, essential scripting skills with Python, Bash, and other tools. In addition, students learn techniques for analyzing and writing exploits.
Security Operations Essentials
Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.
Network Penetration Testing Essentials
Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.
MITRE ATT&CK Training
Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!
MITRE D3FEND Training
3 learning paths that Build your team's defensive skill sets and address cybersecurity countermeasure components and capabilities for these three techniques.
Web System Administration Foundations
Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path
Windows System Administration Foundations
Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.
UNIX System Administration Foundations
Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor.