Learning Paths
Explore OffSec curated cybersecurity Learning Paths
Cloud Essentials Security Training
Strengthen your cloud security proficiency with an emphasis on secure cloud practices. Develop a security-centric understanding of essential cloud technologies to confidently tackle real-world cloud challenges.
DevSecOps Essentials
Modern development demands security integrated into DevOps processes. Automate infrastructure with security in mind, optimize workflows, and accelerate software delivery.
Exploit Development Essentials
Teaches the basics of various operating systems and their vulnerabilities. Including, essential scripting skills with Python, Bash, and other tools. In addition, students learn techniques for analyzing and writing exploits.
Digital Forensics Foundations
Learn to collect and analyze digital evidence to protect your organization. Learn how to handle evidence, recover data and use popular forensic tools.
GitOps Essentials
Use Git effectively, build security perspectives on Git, and practice Git hands-on. Whether you're a developer, DevOps engineer, security engineer, or in another technical role, you'll benefit from a solid understanding of Git.
Incident Responder Foundations
Understand the essentials of incident response, from preparation and detection to recovery and post-mortem analysis. OffSec's modules are meticulously designed to provide a solid foundation for handling cyber incidents.
Intermediate Secure Software Development I
Fortify web applications and explore proven techniques to safeguard software and systems.
Intermediate Secure Software Development II
Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.
Internet of Things (IoT) Essentials
Embark on a journey into the world of embedded systems and gain a holistic understanding of their design, components, and inner workings.
Introduction to Secure Software Development
Practical approach to integrating security into software design and implementation, vital for protecting digital assets.
Introduction to Cloud Security
Understand and apply the fundamentals of cloud security, from Cloud Architecture and Container Technology to mastering essential security controls.
MITRE ATT&CK Training
Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!
MITRE D3FEND Training
3 learning paths that Build your team's defensive skill sets and address cybersecurity countermeasure components and capabilities for these three techniques.
Network Penetration Testing Essentials
Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.
Offensive Cloud Foundations
Learn to outsmart attackers and proactively defend your cloud assets in this learning path. Delve into sophisticated cloud penetration testing, CI/CD pipeline exploitation, and container escape techniques.
OWASP Top 10 - 2021 Essentials
Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.
Red Teaming
Learn advanced techniques to emulate real-world adversaries. Master event tracing, obscure Windows event logs, and execute stealthy process injection to refine your Red Team arsenal.
Secure Software Development Essentials
Integrate security into every phase of the software development lifecycle from coding to deployment.
Security Operations Essentials
Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.
Threat Hunting Foundations
Learn to identify and investigate threats, uncover potential attack techniques, and proactively improve your security posture by addressing vulnerabilities.
UNIX System Administration Foundations
Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor.
Vulnerability Management Foundations
Strengthen your organization's security posture with OffSec's hands-on vulnerability management training. Learn to proactively identify and mitigate risks.
Web System Administration Foundations
Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path
Web Application Assessment Essentials
A primer for advanced web application training, blending theory with practical, hands-on experiences. Dive into core web attacker methodologies, secure coding, and critical aspects like cryptography and version control with Git.
Windows System Administration Foundations
Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.