
Dec 13, 2024
November 2024 Content & Platform Update
Welcome to the OffSec November 2024 content update! Find the full scoop inside.
November was a busy month at OffSec, and we’re excited to share all the updates we’ve rolled out. From fresh content to platform enhancements, here’s everything new to help you level up your cybersecurity expertise
OffSec Versus takes your training to the next level with a dynamic red team vs. blue team format. This competitive cyber range immerses you in real-world attack and defense scenarios, where red team players emulate attackers while blue team players work to defend and secure systems.
It’s more than a challenge—it’s a test of your adaptability, critical thinking, and technical expertise under pressure. Whether you’re refining offensive tactics or sharpening defensive strategies, Versus provides an engaging, hands-on experience to help you master both sides of cybersecurity. Ready to prove your skills? Jump into the action today!
We continue to enrich our fundamentals library to ensure you have the right skills and expertise to start your cybersecurity journey.
- Security Misconfigurations with Java
Duration: 300mins
Job Role: Software Developer - Understanding Prompt Engineering and RAG
Duration: 90mins
Job Role: SOC Analyst, Threat Hunter, System Administrator - Using Databases with Java
Duration: 120mins
Job Role: Software Developer
We’ve released all new modules to support Apple Silicone hardware requirements. New learners will have to use a M1 machine with at least 1TB SSD.
- macOS Control Bypasses: General Course Information (Apple Silicon)
- Introduction to macOS (Apple Silicon)
- Dylib Injection (Apple Silicon)
- The Mach Microkernel (Apple Silicon)
- XPC Attacks (Apple Silicon)
- Function Hooking on macOS (Apple Silicon)
- The macOS Sandbox (Apple Silicon)
- Bypassing Transparency, Consent, and Control (Privacy) (Apple Silicon)
- GateKeeper Internals (Apple Silicon)
- Symlink and Hardlink Attacks (Apple Silicon)
- Injecting Code into Electron Applications (Apple Silicon)
- Job Role: Security Researcher
- Duration: 2700mins each (1st module is 90mins)
We’ve recently updated our list of firewalls on the support site. You can use this list of connections to add exceptions into your own corporate firewalls.
We’re removing the “Manage my team” button from the right hand side and moving the entire admin functionality inside the left nav, under the new section called: Admin Console.
Interested in securing an in-person or online live training for your team? Click here to connect with a local partner or find a course near you.
Stay in the know: Become an OffSec Insider
Get the latest updates about resources, events & promotions from OffSec!
Latest from OffSec

Research & Tutorials
CVE-2024-39914 – Unauthenticated Command Injection in FOG Project’s export.php
Discover details about CVE-2024-39914, a critical unauthenticated command injection vulnerability in FOG Project ≤ 1.5.10.34. Learn how attackers can exploit export.php to execute system commands or deploy persistent webshells.
Jun 26, 2025
2 min read

OffSec News
What It Really Means to “Try Harder”
Discover how OffSec’s “Try Harder” mantra evolved into a mindset, and how it helps learners build grit, creativity, and real-world problem-solving skills.
Jun 23, 2025
7 min read

Research & Tutorials
CVE-2025-3248 – Unauthenticated Remote Code Execution in Langflow via Insecure Python exec Usage
CVE-2025-3248 is a critical RCE vulnerability in Langflow that allows unauthenticated attackers to execute arbitrary Python code via unsanitized input to exec(). Learn how it works and how to protect your system.
Jun 18, 2025
2 min read