Become a Partner
Add OffSec to your list of training providers
Partner with usOffSec Wins Seven Global InfoSec Awards during RSA Conference 2024
Read blogThe OffSec Learning Library has training for over ten cybersecurity job roles, and areas of responsibility. No matter your area of expertise, OffSec provides continuous learning training for any cybersecurity role.
Simulate cyber attacks on computer systems, networks, or applications in a controlled environment. In order to identify vulnerabilities and weaknesses to assess the security posture of a target system. Pen testers help organizations understand and rectify their vulnerabilities before malicious hackers can exploit them.
Introduce penetration testing methodology, tools, and techniques in a hands-on, self-paced environment.
OSCP Certification
Audit and secure wireless devices and is a foundational course alongside PEN-200 and benefits those who would like to gain more skills in network security.
OSWP Certification
Perform advanced penetration tests against mature organizations and focus on bypassing advanced security mechanisms.
OSEP Certification
Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.
Learn advanced techniques to emulate real-world adversaries. Master event tracing, obscure Windows event logs, and execute stealthy process injection to refine your Red Team arsenal.
Learn to outsmart attackers and proactively defend your cloud assets in this learning path. Delve into sophisticated cloud penetration testing, CI/CD pipeline exploitation, and container escape techniques.
Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!
Web application testers conduct tests on software applications, network hardware, and cloud-based systems to identify vulnerabilities.
Discover and exploit common web vulnerabilities on modern applications and exfiltrate sensitive data from applications.
OSWA Certification
Learn the skills needed to conduct white box web app penetration tests.
OSWE Certification
An exploit developer (aka: Security researcher, aka: Threat Intelligence) is an individual who identifies and investigates vulnerabilities in software or systems with the intent of enhancing security. Once a vulnerability is discovered, the exploit developer writes code, known as an "exploit," to demonstrate how the vulnerability can be taken advantage of. This code serves as a proof-of-concept to validate the existence and potential impact of the vulnerability.
Learn the basics of modern exploit development and security research. Start with basic buffer overflow attacks and crack the critical security mitigation protecting enterprises.
OSED Certification
An offensive logical exploit development course for macOS, focusing on local privilege escalation and bypassing the operating system’s defenses.
OSMR Certification
Offensive logical exploit development course for macOS, focusing on local privilege escalation and bypassing the operating system’s defenses.
OSEE Certification
As a Security Operations Center (SOC) analyst, you are responsible for monitoring, detecting, and responding to cybersecurity threats and incidents within an organization. SOC analysts are at the front lines of an organization's defense against cyberattacks and play a pivotal role in maintaining its overall security posture.
Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.
Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path
Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.
Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor.
Manage and mitigate security incidents within an organization. Identify, assess, and respond to security breaches, cyberattacks, or other incidents that could potentially compromise the confidentiality, integrity, or availability of an organization's data and systems.
Proactively and methodically search through computer networks, endpoints, and datasets of organizations to detect and isolate advanced threats that conventional security solutions might miss.
Secure cloud computing environments against cyber threats and ensure these systems comply with various regulatory standards including integrating security in every phase of software development and operations.
Understand and apply the fundamentals of cloud security, from Cloud Architecture and Container Technology to mastering essential security controls.
Strengthen your cloud security proficiency with an emphasis on secure cloud practices. Develop a security-centric understanding of essential cloud technologies to confidently tackle real-world cloud challenges.
Learn to outsmart attackers and proactively defend your cloud assets in this learning path. Delve into sophisticated cloud penetration testing, CI/CD pipeline exploitation, and container escape techniques.
Use Git effectively, build security perspectives on Git, and practice Git hands-on. Whether you're a developer, DevOps engineer, security engineer, or in another technical role, you'll benefit from a solid understanding of Git.
Responsible for creating computer software, software developers conceptualize software solutions, write and test code, and ensure that the final product meets the needs of users.
Practical approach to integrating security into software design and implementation, vital for protecting digital assets.
Integrate security into every phase of the software development lifecycle from coding to deployment.
Fortify web applications and explore proven techniques to safeguard software and systems.
Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.
Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.
Keep systems updated with the latest software, and offer technical support to both in-house and remote users. IT generalists continually monitor network security, evaluate existing security programs, update antivirus software, and run scans to ensure network integrity.
Practical approach to integrating security into software design and implementation, vital for protecting digital assets.
Integrate security into every phase of the software development lifecycle from coding to deployment.
Fortify web applications and explore proven techniques to safeguard software and systems.
Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.
Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.
Teaches the basics of various operating systems and their vulnerabilities. Including, essential scripting skills with Python, Bash, and other tools. In addition, students learn techniques for analyzing and writing exploits.
Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.
Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.
Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!
3 learning paths that Build your team's defensive skill sets and address cybersecurity countermeasure components and capabilities for these three techniques.
Embark on a journey into the world of embedded systems and gain a holistic understanding of their design, components, and inner workings.
Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path
Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.
Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor.
A system administrator manages and maintains the daily operations of computer systems and networks, ensuring that hardware and software function smoothly and efficiently. They play a crucial role in implementing and enforcing cybersecurity measures to protect data from unauthorized access and cyber threats. This focus on cybersecurity is vital because it safeguards sensitive information and maintains the integrity and reliability of the technological infrastructure on which organizations depend.
Practical approach to integrating security into software design and implementation, vital for protecting digital assets.
Integrate security into every phase of the software development lifecycle from coding to deployment.
Fortify web applications and explore proven techniques to safeguard software and systems.
Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.
Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.
Teaches the basics of various operating systems and their vulnerabilities. Including, essential scripting skills with Python, Bash, and other tools. In addition, students learn techniques for analyzing and writing exploits.
Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.
Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.
Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!
3 learning paths that Build your team's defensive skill sets and address cybersecurity countermeasure components and capabilities for these three techniques.
Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path
Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.
Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor.