Become a Partner
Add OffSec to your list of training providers
Partner with us
OffSec Wins Seven Global InfoSec Awards during RSA Conference 2024
Read blogFind OffSec training for your cybersecurity role or area of responsibility
The OffSec Learning Library has training for over ten cybersecurity job roles, and areas of responsibility. No matter your area of expertise, OffSec provides continuous learning training for any cybersecurity role.
Network Penetration Tester Training
Simulate cyber attacks on computer systems, networks, or applications in a controlled environment. In order to identify vulnerabilities and weaknesses to assess the security posture of a target system. Pen testers help organizations understand and rectify their vulnerabilities before malicious hackers can exploit them.
Courses (3)
PEN-200
Penetration Testing with Kali Linux
Introduce penetration testing methodology, tools, and techniques in a hands-on, self-paced environment.
OSCP Certification
PEN-210
Foundational Wireless Network Attacks
Audit and secure wireless devices and is a foundational course alongside PEN-200 and benefits those who would like to gain more skills in network security.
OSWP Certification
PEN-300
Advanced Evasion Techniques and Breaching Defenses
Perform advanced penetration tests against mature organizations and focus on bypassing advanced security mechanisms.
OSEP Certification
Learning Paths (4)
Network Penetration Testing Essentials
Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.
Red Teaming
Learn advanced techniques to emulate real-world adversaries. Master event tracing, obscure Windows event logs, and execute stealthy process injection to refine your Red Team arsenal.
Offensive Cloud Security Training
Learn to outsmart attackers and proactively defend your cloud assets in this learning path. Delve into sophisticated cloud penetration testing, CI/CD pipeline exploitation, and container escape techniques.
MITRE ATT&CK Training
Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!
Web Application Tester Training
Web application testers conduct tests on software applications, network hardware, and cloud-based systems to identify vulnerabilities.
Courses (2)
WEB-200
Foundational Web Application Assessment with Kali Linux
Discover and exploit common web vulnerabilities on modern applications and exfiltrate sensitive data from applications.
OSWA Certification
WEB-300
Advanced Web Attacks and Exploitation
Learn the skills needed to conduct white box web app penetration tests.
OSWE Certification
Exploit Developer/Security Researcher/Threat Intelligence Training
An exploit developer (aka: Security researcher, aka: Threat Intelligence) is an individual who identifies and investigates vulnerabilities in software or systems with the intent of enhancing security. Once a vulnerability is discovered, the exploit developer writes code, known as an "exploit," to demonstrate how the vulnerability can be taken advantage of. This code serves as a proof-of-concept to validate the existence and potential impact of the vulnerability.
Courses (3)
EXP-301
Windows User Mode Exploit Development
Learn the basics of modern exploit development and security research. Start with basic buffer overflow attacks and crack the critical security mitigation protecting enterprises.
OSED Certification
EXP-312
Advanced macOS Control Bypasses
An offensive logical exploit development course for macOS, focusing on local privilege escalation and bypassing the operating system’s defenses.
OSMR Certification
EXP-401
Advanced Windows Exploitation
Offensive logical exploit development course for macOS, focusing on local privilege escalation and bypassing the operating system’s defenses.
OSEE Certification
SOC Analyst Training
As a Security Operations Center (SOC) analyst, you are responsible for monitoring, detecting, and responding to cybersecurity threats and incidents within an organization. SOC analysts are at the front lines of an organization's defense against cyberattacks and play a pivotal role in maintaining its overall security posture.
Learning Paths (4)
Security Operations Essentials
Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.
Web System Administration
Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path
Windows System Administration
Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.
UNIX System Administration
Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor.
Digital Forensics & Incident Responder (DFIR) Training
Manage and mitigate security incidents within an organization. Identify, assess, and respond to security breaches, cyberattacks, or other incidents that could potentially compromise the confidentiality, integrity, or availability of an organization's data and systems.
Threat Hunter Training
Proactively and methodically search through computer networks, endpoints, and datasets of organizations to detect and isolate advanced threats that conventional security solutions might miss.
Cloud Engineer & DevSecOps Training
Secure cloud computing environments against cyber threats and ensure these systems comply with various regulatory standards including integrating security in every phase of software development and operations.
Learning Paths (4)
Introduction to Cloud Security
Understand and apply the fundamentals of cloud security, from Cloud Architecture and Container Technology to mastering essential security controls.
Cloud Essentials Security Training
Strengthen your cloud security proficiency with an emphasis on secure cloud practices. Develop a security-centric understanding of essential cloud technologies to confidently tackle real-world cloud challenges.
Offensive Cloud Security Training
Learn to outsmart attackers and proactively defend your cloud assets in this learning path. Delve into sophisticated cloud penetration testing, CI/CD pipeline exploitation, and container escape techniques.
Git Operations Training
Use Git effectively, build security perspectives on Git, and practice Git hands-on. Whether you're a developer, DevOps engineer, security engineer, or in another technical role, you'll benefit from a solid understanding of Git.
Software Developer Training
Responsible for creating computer software, software developers conceptualize software solutions, write and test code, and ensure that the final product meets the needs of users.
Learning Paths (5)
Secure Software Development
Practical approach to integrating security into software design and implementation, vital for protecting digital assets.
Integrating Security into Software Development
Integrate security into every phase of the software development lifecycle from coding to deployment.
Practical Approach to Secure Software Development
Fortify web applications and explore proven techniques to safeguard software and systems.
Intermediate Secure Development
Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.
OffSec OWASP Top 10
Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.
IT Generalist Training
Keep systems updated with the latest software, and offer technical support to both in-house and remote users. IT generalists continually monitor network security, evaluate existing security programs, update antivirus software, and run scans to ensure network integrity.
Learning Paths (14)
Secure Software Development
Practical approach to integrating security into software design and implementation, vital for protecting digital assets.
Integrating Security into Software Development
Integrate security into every phase of the software development lifecycle from coding to deployment.
Practical Approach to Secure Software Development
Fortify web applications and explore proven techniques to safeguard software and systems.
Intermediate Secure Development
Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.
OffSec OWASP Top 10
Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.
Exploit Development Essentials
Teaches the basics of various operating systems and their vulnerabilities. Including, essential scripting skills with Python, Bash, and other tools. In addition, students learn techniques for analyzing and writing exploits.
Security Operations Essentials
Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.
Network Penetration Testing Essentials
Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.
MITRE ATT&CK Training
Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!
MITRE D3FEND Training
3 learning paths that Build your team's defensive skill sets and address cybersecurity countermeasure components and capabilities for these three techniques.
Internet of Things (IoT) Training
Embark on a journey into the world of embedded systems and gain a holistic understanding of their design, components, and inner workings.
Web System Administration
Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path
Windows System Administration
Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.
UNIX System Administration
Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor.
System Administrator Training
A system administrator manages and maintains the daily operations of computer systems and networks, ensuring that hardware and software function smoothly and efficiently. They play a crucial role in implementing and enforcing cybersecurity measures to protect data from unauthorized access and cyber threats. This focus on cybersecurity is vital because it safeguards sensitive information and maintains the integrity and reliability of the technological infrastructure on which organizations depend.
Learning Paths (13)
Secure Software Development
Practical approach to integrating security into software design and implementation, vital for protecting digital assets.
Integrating Security into Software Development
Integrate security into every phase of the software development lifecycle from coding to deployment.
Practical Approach to Secure Software Development
Fortify web applications and explore proven techniques to safeguard software and systems.
Intermediate Secure Development
Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.
OffSec OWASP Top 10
Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.
Exploit Development Essentials
Teaches the basics of various operating systems and their vulnerabilities. Including, essential scripting skills with Python, Bash, and other tools. In addition, students learn techniques for analyzing and writing exploits.
Security Operations Essentials
Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.
Network Penetration Testing Essentials
Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.
MITRE ATT&CK Training
Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!
MITRE D3FEND Training
3 learning paths that Build your team's defensive skill sets and address cybersecurity countermeasure components and capabilities for these three techniques.
Web System Administration
Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path
Windows System Administration
Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.
UNIX System Administration
Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor.