Offensive Security

PEN-200 (PWK): Updated for 2023

Explore the enhancements we're made to PEN-200 (PWK) 2023, including restructured course content, expanded Learning Modules, & Challenge Labs.

Experience the Refreshed OffSec

Build the path to a secure future with the refreshed OffSec! Dive into the details behind our ever-evolving learning library, new logo, and modernized name.

#Updates

OffSec Yearly Recap 2022

A comprehensive OffSec yearly recap: revisit some of the highlights, wins and important cybersecurity training themes that guided us through 2022.

#Recap #Updates

New 90-day Course and Cybersecurity Certification Exam Bundles

Accelerate your learning and earn an OffSec cybersecurity certification in just 90 days. Learn about the benefits of our 90-day course and cert bundles.

Q4 Community Updates: Bridging the Diversity Gap, New Payment Plans, and Industry Events

Wrapping up 2022 with OffSec's Q4 community update! Find details about our latest community efforts, payment plans, live training, and much more.

#Updates

Exploit Database 2022 Update

We’re sharing some significant updates to Exploit Database, one of OffSec’s community projects.

#exploitdb #Updates

Staged Payloads from Kali Linux | PT Phone Home – PHP

Tristram shows you how to host a PHP web page on Kali Linux and how you can use it to stage payloads that are hidden behind a wall of conditional access requirements.

#exploit #php

How Nettitude Benchmarks their Cybersecurity Training Program with Industry-Recognized Training & Certifications

Learn how Nettitude, a global provider of cybersecurity services leveraged OffSec courses to support their cybersecurity training program, support new talent, and upskill and reskill their team of professionals.

#cybersecurity training

See Yourself in Cyber with OffSec: Cloud Security

As part of Cybersecurity Awareness Month 2022, we share out insights on starting a career in cloud security, together with key skills, prerequisites, career outlook, and much more.

#learn fundamentals

See Yourself in Cyber with OffSec: Web Application Security

As part of Cybersecurity Awareness Month 2022, we share a complete guide to starting a career in web application security with insight into career outlook, essential skills, and much more.

#web-300

Q3 Community Update | OffSec Academy, New Content, Giving Program

Welcome to OffSec's Q3 community update! This post discusses the launch of our Giving Program, new content, OffSec Academy, and much more.

#Updates

See Yourself in Cyber with OffSec: Security Operations

As part of Cybersecurity Awareness Month 2022, we share a complete guide to starting a career in security operations and defense.

#soc-200

In the Hunt for the Auto Login Setup Process

OffSec's Csaba Fitzl shares how he reverse-engineered the macOS auto-login process, including the walls he hit, and the times he resorted to trial-and-error approaches.

#exploit #macOS

Staged Payloads from Kali Linux | PT Phone Home – DNS

In part one of this post, Tristram teaches you how to use TXT records to stage payloads that can be retrieved through DNS lookups.

The Importance of Skilled Security Practitioners: How Security Skillfulness Reflects on Your Security Posture

Read about how the skillfulness of your security practitioners can impact your overall cybersecurity program and posture.

Bypassing Intel CET with Counterfeit Objects

In this blog, we’ll briefly cover how CFI mitigations works, including CET, and how we can leverage COOP to effectively bypass Intel CET on the latest Windows releases.