Q4 Community Updates: Bridging the Diversity Gap, New Payment Plans, and Industry Events
The community updates cover the latest news and events from OffSec. We focus on bringing the latest updates to the community every quarter covering OffSec news, content updates, and community conferences. Enjoy reading our blogs!
Payment Plan Launch
Some students have communicated to us they face difficulties paying for their courses in one lump sum. To help address this we are proud to partner with Climb Credit to help with the upfront costs of certificates. Climb Credit offers a payment installment plan to help our students spread the cost of certification fees. Please note that OffSec does not provide payment plans for students directly, but instead we are leveraging this partner. This option is available with Climb Credit and applies to the Learn Fundamentals and Learn One subscriptions for students based in the USA. Click here if you would like to see if you qualify for the Climb Credit loan and apply.
Help Us Bridge the Diversity Gap
Cyber Diversity in Action is an initiative where OffSec donates courses to charities, foundations, or non-profit organizations that focuses on providing resources to underrepresented groups worldwide. Our program gives students a headstart to secure a job in information security. Please support our mission to remove barriers and help these groups enter the cybersecurity field. We want to hear from organizations that empower more diversity and representation in cybersecurity. Want to learn more about Cyber Diversity in Action? Click here to download more information.
Conferences and Community Events
The OffSec team has attended or sponsored the following conferences over the last quarter:
- BSides Austin
- Bsides Charlotte
- Texas Cyber Summit
- CyberCon Melbourne
- NullCon GOA
- Black Hat Middle East and Africa (MEA)
OffSec’s brand ambassadors connect with passionate cybersecurity groups and provide resources to the local community anywhere in the world. Also, OffSec’s content development team travels to conferences to teach courses to global audiences. Let’s take a closer look at each cyber event we supported last quarter.
OffSec was an event sponsor for BSides security conferences based in Ottawa, Canada, Charlotte, US, and the virtual BSides Austin for security experts and anyone interested in infosec. Contestants won PWK courses with one exam attempt for the CTF events held at each event. We are thrilled to support BSides, a community-driven group helping individuals in security and cyber security share ideas, research, and build relationships in a safe space.
OffSec supported The Texas Cyber Summit’s mission to serve underserved and women communities in cybersecurity as a prize sponsor. The summit presented OSCP courses to some students at the Virtual Students Scholarships Awards to create inclusivity in the cybersecurity community.
OffSec sponsored Hacktoria, a worldwide OSINT and infosec community network that offers free games with challenges in Cyber, Investigation, and OSINT. We supported the network with OSCP courses for winners of CTF events.
OffSec is proud to sponsor global community events aligned with our mission to empower the world to fight cyber security threats with free resources and access to PWK courses.
Black Hat MEA
OffSec trainers returned to Black Hat MEA in Saudi Arabia as a training partner to provide 100+ attendees with five in-person workshops on world-class cybersecurity and ethical hacking that prepare skilled infosec professionals. Courses included: Windows Exploitation (EXP-401), Web Attacks & Exploitation (WEB-300), Web Attacks with Kali Linux at the foundational level (WEB-200), Pentesting (PEN-200), and Security Operations & Defensive Analysis (SOC-200).
This was a learning zone that allowed participants to adopt techniques as they applied the theory in simulated virtual labs. The symposium to put in real effort, be willing to work, and learn creative solutions in their specialty areas will significantly help attendees succeed in their course. Thanks to our expert trainers for taking the time to travel to Riyadh and instruct cybersecurity courses to professionals.
Online Community Events
OffSec’s community moderators routinely host contests with free giveaways on the Discord server. A special thanks to Tristam, OffSec’s community moderator, for creating another story-writing round for the users to help inspire each other with their journey in cybersecurity. We couldn’t be happier with the community’s flood of engaging content pieces for a chance to win some cool prizes. The panel selected stories with the most emoji responses, and the top contributors won a PG Play Practice for a one-month-long practice subscription giving access to virtual hacking labs. Other prizes included OffSec’s swag items and merchandise.
OffSec provides monthly podcast interviews for the community to gain a deeper insight into cyber security. Listen to Christopher Forte talk about Cybersecurity Awareness as he shares resources he used to thrive in the field and explains why he mentors in the community. The following podcast with Bob Ragan, principal researcher at Bishop Fox, talks about the importance of Continuous Security Testing. OffSec’s community manager, TJNULL, was interviewed by the Cybersecurity Web podcast and shared tips on furthering your cybersecurity career. Check out these podcasts to learn more about each speaker’s experience in their journey and how they developed their skills to become successful.
OffSec Live, not to be confused with OffSec Academy, provides free weekly live streams on course reviews and lab demonstrations and covers skills you must have to succeed in a cybersecurity career. Anyone in cybersecurity, information security, or interested in these fields can join the live sessions every Friday at 12 p.m. ET on the OffSec Official Twitch page. Our content developers and academy staff members provided demonstrations on exercises for all course levels with an overview of each course to help students choose the best career approach. Our sessions provide student support by other staff members to set yourself up for career success. Amy, our tech recruiter, shared interviewing tips and answered questions from the community, OffSec’s staff members shared their journey, struggles, and unique paths in the cybersecurity field, and S1REN ended the year with a special holiday PG Practice box walkthrough. Our highly interactive live sessions allow the community to ask questions and engage with others in the chat box. We are thrilled to hear that this has been a great learning experience for all, as our speakers enjoy connecting with the audience. Check the events calendar for upcoming events on our Twitch channel and the OffSec Live FAQ page for questions and answers.
Watch OffSec Live Recordings on YouTube:
- SOC-100 Windows Networking and Services
- SOC-200 Combining the Logs in SIEM
- WEB-200 Cross Site Scripting
- How to Write a Cyber Security Resume
- How to Break into a Cybersecurity Career
OffSec Academy: PEN-200 provides live video-stream teaching for registered students on the PWK course with guidance on the PEN-200 material and lab demonstrations leading toward successful exam preparation for the OSCP certification. Click here to learn more and register.
OffSec’s Defense Content Developer, Gage Bennett, hosted our first AMA Reddit about Cyber Security and Defense Content Creation. During the two-hour session, the community had a chance to ask our expert questions about defensive cyber training. These are some of the most popular questions:
What are the most common ways hackers get into networks?
Are there a lot of different methods for them to get into networks?
What are some of the less common ways?
What are some warning signs that an undetected attacker would be attempting to escalate privileges on a machine?
Click here to read the conversations and his personal experiences defending different types of networks as a cyber operations specialist for the army. We thank Gage for his time and dedication to helping the community understand defensive cyber training. Keep an eye out for more AMA Reddits with our content developers on our subreddit event calendar.
We are excited to share the fourth release of Kali Linux 2022. There are normal items, such as updates and new tools. What stands out this time is, we have been putting Kali on even more platforms, such as a “Genetic Cloud” image (perfect if you use OpenStack), pre-generated QEMU VM (handy if you use Proxmox Virtual Environments (VE) or virt-manager, as well as another format for Vagrant (libvirt)! Kali is back on the Microsoft Azure marketplace for another cloud offering too.
Speaking of new, we are delighted to announce Kali NetHunter Pro. Our NetHunter series has Kali on mobile devices, free & open-source. However, where this differs is rather than being based on Android (Kali NetHunter), for the first time, we have a “true” release based on Linux (NetHunter Pro). We currently support Pine64’s PinePhone and PinePhone Pro.
With updates, desktop environments have been upgraded to GNOME 43 & KDE 5.26, introducing new features, enhancements, and tweaked widgets. We are also on Linux Kernel 6.0.0, and various tools have also been updated.
Kali NetHunter has also been updated to gain internal Bluetooth support, audio, and mouse jack support, improved Kali NetHunter app, and bug fixes.
We have also added six new tools to Kali’s arsenal.
We released a Press-Pack for Kali, with all our standard images in various formats and colors. Additionally, we expanded our social networks and joined more to help keep you up-to-date with activity:
- Facebook: facebook.com/KaliLinux
- Instagram: instagram.com/KaliLinux
- Mastodon: @firstname.lastname@example.org
- Twitter: twitter.com/KaliLinux
Click here to learn more about this release!
Content and Labs
We are excited to add new Topics, Challenges, and machines to our library. Updates include:
SSD-100 NEW TOPICS
We’ve released SSD-100 with five new Topics:
- Introduction to SQL Injection
- Introduction to Web Application Debugging
- Secure Development Lifecycle
- Introduction to SSD-100
- Introduction to Templating Engines
EXP-100 NEW TOPICS
We’ve released the following new topics:
- Intro to Windbg, Part I
- Intro to Windbg, Part II
CLD-100 NEW TOPICS
We’ve released the following new topics:
- Getting Started with Git
- Git Branching and Merging
WEB-100 NEW TOPIC
We’ve released the following new topic:
- Introduction to Git Security
OTHER FUNDAMENTAL CONTENT
We’ve released the following new topic:
- Effective Learning Strategies
Join over 60,000 cybersecurity professionals and students from around the world. We provide a community for individuals and organizations to share ideas, insights, proven practices, and practical suggestions. Connect and stay informed on emerging developments.Updates