Category: Offensive Security

Learn how the University of Tulsa utilizes OffSec’s off-the-shelf “Pathways in a Box” to educate and train its students. The post How the University of Tulsa is Educating and Training the Next Generation of Cybersecurity Professionals first appeared on Offensive…

Read more →

Learn how the University of Tulsa utilizes OffSec’s off-the-shelf “Pathways in a Box” to educate and train its students. The post How the University of Tulsa is Educating and Training the Next Generation of Cybersecurity Professionals first appeared on Offensive…

Read more →

A comprehensive OffSec yearly recap: revisit some of the highlights, wins and important cybersecurity training themes that guided us through 2022. The post OffSec Yearly Recap 2022 first appeared on Offensive Security. This article has been indexed from Offensive Security…

Read more →

Accelerate your learning and earn an OffSec cybersecurity certification in just 90 days. Learn about the benefits of our 90-day course and cert bundles. The post New 90-day Course and Cybersecurity Certification Exam Bundles first appeared on Offensive Security. This…

Read more →

Wrapping up 2022 with OffSec’s Q4 community update! Find details about our latest community efforts, payment plans, live training, and much more. The post Q4 Community Updates: Bridging the Diversity Gap, New Payment Plans, and Industry Events first appeared on…

Read more →

Are you looking for top security talent to keep your organization safe from security attacks? OffSec’s Dr. Heather Monthie, Head of Cybersecurity Training, Education, and Innovation, has put together a comprehensive, detailed guide on how to identify cybersecurity skills in the job…

Read more →

In this free guide, Offensive Security provides 6 essential points to consider when you’re evaluating information security training. The post FREE WHITEPAPER: SELECTING THE BEST INFORMATION SECURITY TRAINING first appeared on Offensive Security. This article has been indexed from Offensive…

Read more →

In this free guide, Offensive Security provides 5 essential best practices for web application security, plus many more helpful nuggets of info and advice. The post FREE GUIDE – WEB APPLICATION SECURITY first appeared on Offensive Security. This article has…

Read more →

OffSec’s Dr. Heather Monthie has put together a detailed guide of how to make a great entry-level cybersecurity job description and get more qualified applicants. The post FREE WHITEPAPER – HOW TO WRITE ENTRY LEVEL CYBERSECURITY JOB DESCRIPTIONS first appeared…

Read more →

Read the free ebook and get prepared for the OSCP exam with expert tips and deep dive through your PEN-200 experience. The post Free Ebook: OSCP & PEN-200 Prep first appeared on Offensive Security. This article has been indexed from…

Read more →

Download the free guide to learn more about the Windows User Mode Exploit Development (EXP-301) course. The post Offensive Security Guide: EXP-301 first appeared on Offensive Security. This article has been indexed from Offensive Security Read the original article: Offensive…

Read more →

We’re sharing some significant updates to Exploit Database, one of OffSec’s community projects. The post Exploit Database 2022 Update first appeared on Offensive Security. This article has been indexed from Offensive Security Read the original article: Exploit Database 2022 Update

Read more →

Tristram shows you how to host a PHP web page on Kali Linux and how you can use it to stage payloads that are hidden behind a wall of conditional access requirements. The post Staged Payloads from Kali Linux |…

Read more →

Learn how Nettitude, a global provider of cybersecurity services leveraged OffSec courses to support their cybersecurity training program, support new talent, and upskill and reskill their team of professionals. The post How Nettitude Benchmarks their Cybersecurity Training Program with Industry-Recognized…

Read more →

As part of Cybersecurity Awareness Month 2022, we share out insights on starting a career in cloud security, together with key skills, prerequisites, career outlook, and much more. The post See Yourself in Cyber with OffSec: Cloud Security first appeared…

Read more →

As part of Cybersecurity Awareness Month 2022, we share a complete guide to starting a career in web application security with insight into career outlook, essential skills, and much more. The post See Yourself in Cyber with OffSec: Web Application…

Read more →

Welcome to OffSec’s Q3 community update! This post discusses the launch of our Giving Program, new content, OffSec Academy, and much more. The post Q3 Community Update | OffSec Academy, New Content, Giving Program first appeared on Offensive Security. This…

Read more →

As part of Cybersecurity Awareness Month 2022, we share a complete guide to starting a career in security operations and defense. The post See Yourself in Cyber with OffSec: Security Operations first appeared on Offensive Security. This article has been…

Read more →

As part of Cybersecurity Awareness Month 2022, we share a complete guide to starting a career in security operations and defense. The post See Yourself in Cyber with OffSec: Security Operations first appeared on Offensive Security. This article has been…

Read more →

As part of the Cybersecurity Awareness Month 2022, we share a complete guide to starting a career as a penetration tester. The post See Yourself in Cyber with OffSec: Penetration Testing first appeared on Offensive Security. This article has been…

Read more →

OffSec’s Csaba Fitzl shares how he reverse-engineered the macOS auto-login process, including the walls he hit, and the times he resorted to trial-and-error approaches. The post In the Hunt for the Auto Login Setup Process first appeared on Offensive Security.…

Read more →

In part one of this post, Tristram teaches you how to use TXT records to stage payloads that can be retrieved through DNS lookups. The post Staged Payloads from Kali Linux | PT Phone Home – DNS first appeared on…

Read more →

Read about how the skillfulness of your security practitioners can impact your overall cybersecurity program and posture. The post The Importance of Skilled Security Practitioners: How Security Skillfulness Reflects on Your Security Posture first appeared on Offensive Security. This article…

Read more →

Learn how students at the French training center Pôle Formation Des Industries Technologiques scored salary increases and promotions after completing Offensive Security courses. The post Students find cybersecurity career success after completing Offensive Security courses  first appeared on Offensive Security.…

Read more →

In this blog, we’ll briefly cover how CFI mitigations works, including CET, and how we can leverage COOP to effectively bypass Intel CET on the latest Windows releases. The post Bypassing Intel CET with Counterfeit Objects first appeared on Offensive…

Read more →

Join our OffSec bbq event for the chance to win some swag! Make your favorite bbq meal and share photos on Discord. Pic with the most yums will be the winner. The post Offensive Security Online Community BBQ Event first…

Read more →

Announcing changes to achieving OSCP Bonus Points and sunsetting of the PEN-200 legacy course exercises. The post OSCP Bonus Points Update: Sunsetting PEN-200 Legacy Course Exercises and a New Way to Achieve Points! first appeared on Offensive Security. This article…

Read more →

The CAN bus (Controller Area Network bus) is a central network that a vehicle communicates with its components. We can think of this in regard to the fact that the vehicle has many functions that operate via electrical signals. The…

Read more →

Welcome to our Q2 update! This post discusses the launch of student discounts, OffSec Live, our Partner Program, and much more. The post Quarterly Community Updates: Student Discounts, OffSec Live, Partner Program, & Much More! first appeared on Offensive Security.…

Read more →

We previously explored how Cross-Site Scripting (XSS) makes for an excellent topic to understand the reach and impact of hacking. In this post, we’ll improve on conceptual understanding and try to help non-technical folks understand one of the core issues of information…

Read more →

We’re excited to announce updates and new features to Learn Fundamentals that include new course Topics, badges and assessments, and much more! The post New and Improved: Learn Fundamentals first appeared on Offensive Security. This article has been indexed from…

Read more →

Learn about the cybersecurity leadership skills modern CISOs will need to succeed in the future. The post The ever-evolving role of the CISO: Cybersecurity leadership skills needed in the future of work first appeared on Offensive Security. This article has…

Read more →

TJ shows us how adversaries use macro weaponization techniques to abuse hidden functionalities contained in Office document properties. The post Weaponizing and Abusing Hidden Functionalities Contained in Office Document Properties first appeared on Offensive Security. This article has been indexed…

Read more →

Offensive Security is proud to support the Federal Rotational Cyber Workforce Program Act and welcomes new cybersecurity bills signed into law. The post Offensive Security Welcomes Cybersecurity Bills Signed into Law first appeared on Offensive Security. This article has been…

Read more →

Learn how Pulsar Security leveraged Offensive Security cybersecurity training program to establish their continuous workforce development and upskilled their security team. The post How Pulsar Security Established their Continuous Cyber Workforce Development first appeared on Offensive Security. This article has…

Read more →

This article has been indexed from Offensive Security Offensive Security welcomes passage of critical cybersecurity bills in Congress that will enhance America’s cybersecurity posture. The post Offensive Security Hails Passage of Several Cybersecurity Bills in Congress first appeared on Offensive…

Read more →

This article has been indexed from Offensive Security Learn about how Offensive Security helps educational institutions align to the National Center of Academic Excellence (NCAE-C) requirements. The post Helping Educational Institutions Align to NCAE-C first appeared on Offensive Security. Read…

Read more →

This article has been indexed from Offensive Security We’re celebrating the release of our 100th PG-Practice machine by showcasing the evolution of our labs since their inception. The post Celebrate the Release of Our 100th PG-Practice Machine first appeared on…

Read more →

This article has been indexed from Offensive Security OffSec Live: PEN-200 is a free streaming program that will facilitate interactive learning and preparedness for the OSCP. Join us on Twitch and Discord! The post OffSec Live first appeared on Offensive…

Read more →

This article has been indexed from Offensive Security Protect your org from cyber threats by investing in hands-on cybersecurity skills training. Learn about how you can get the most out of your training budget. The post 3 Ways to Attract…

Read more →

This article has been indexed from Offensive Security Protect your org from cyber threats by investing in hands-on cybersecurity skills training. Learn about how you can get the most out of your training budget. The post Join Our #BetheResource Challenge…

Read more →

This article has been indexed from Offensive Security Protect your org from cyber threats by investing in hands-on cybersecurity skills training. Learn about how you can get the most out of your training budget. The post 4 Tips to Implement…

Read more →

This article has been indexed from Offensive Security Protect your org from cyber threats by investing in hands-on cybersecurity skills training. Learn about how you can get the most out of your training budget. The post Hands-on Cybersecurity Skills Training…

Read more →

This article has been indexed from Offensive Security … Read more » The post Clarifying Hacking with XSS first appeared on Offensive Security. Read the original article: Clarifying Hacking with XSS

Read more →

This article has been indexed from Offensive Security OffSec’s CEO Ning Wang shares five lessons she’s learned from the pandemic. Lesson one – people are more clear about the important things in life. The post What the Pandemic Has Taught…

Read more →

This article has been indexed from Offensive Security Learn Fundamentals is the newest addition to the OffSec Training Library! Discover more about this entry-level cybersecurity training plan. The post New Subscription: Learn Fundamentals first appeared on Offensive Security. Read the…

Read more →

This article has been indexed from Offensive Security Learn Fundamentals is the newest addition to the OffSec Training Library! Discover more about this entry-level cybersecurity training plan. The post New Subscription: Learn Fundamentals first appeared on Offensive Security. Read the…

Read more →

This article has been indexed from Offensive Security We’re modernizing our certifications! Learn more about why we changed the issuance of accreditations from paper to digital certifications and badges. The post Modernizing our Certificates and Badges first appeared on Offensive…

Read more →

This article has been indexed from Offensive Security EXP-312 is a logical exploit development course for macOS. An OffSec Student Mentor shared details about his EXP-312 experience and the OSMR exam. The post A Student Mentor’s EXP-312 and OSMR Learning…

Read more →

This article has been indexed from Offensive Security A cybersecurity talent pool can fill critical positions in your organization. Learn how to identify and train employees that are interested in a career transition. The post Creating a Cybersecurity Talent Pool…

Read more →

This article has been indexed from Offensive Security Explore our guided introduction to game hacking. Learn how data in memory can be manipulated to achieve results that are outside the normal program design. The post Introduction to Game Hacking first…

Read more →

This article has been indexed from Offensive Security Land that entry-level cybersecurity position! We share five tips to get a cybersecurity job with no experience, with insight from two OffSec employees. The post 5 Tips to Get a Cybersecurity Job…

Read more →

This article has been indexed from Offensive Security Land that entry-level cybersecurity position! We share five tips to get a cybersecurity job with no experience, with insight from two OffSec employees. The post 5 Tips to Get a Cybersecurity Job…

Read more →

This article has been indexed from Offensive Security Learn how to set SMART goals for your cybersecurity career path with some great tips from Dr. Heather Monthie. The post Goals for Your Cybersecurity Career Path:Setting New Year’s Resolutions first appeared…

Read more →

This article has been indexed from Offensive Security OffSec’s Content Product Manager Jeremy Miller continues to reflect on the meaning of failure in cybersecurity in Part II of his blog. The post Reflections on Failure, Part TwoStumbling toward the doors…

Read more →

This article has been indexed from Offensive Security OffSec’s Content Product Manager Jeremy Miller reflects on the meaning of failure in cybersecurity in Part I of his blog. The post Reflections on Failure, Part OneStumbling toward the doors of progress…

Read more →

This article has been indexed from Offensive Security Topic Exercises within PEN-200 (PWK) give students a more trackable, interactive learning experience. Read on to discover more about this new feature. The post Introducing Topic Exercises first appeared on Offensive Security.…

Read more →

This article has been indexed from Offensive Security Security researchers at Offensive Security discovered a vulnerability in the XPC service of Microsoft OneDrive. Here’s how it works and how to secure it. The post Microsoft OneDrive for macOS Local Privilege…

Read more →

This article has been indexed from Offensive Security The Offensive Security standalone course pricing is changing. This blog will discuss the removal of 30 and 60-day options and changes to the OSCP price. The post OffSec Standalone Course Pricing Changes…

Read more →

This article has been indexed from Offensive Security Three of our Student Mentors share their experiences to help you get familiar with the new OSCP exam environment. Read on to learn more about the new exam changes, their findings, and…

Read more →

This article has been indexed from Offensive Security Jeremy Miller shares with us his thoughts on cognitive biases and how they relate to penetration testing. The post Cognitive Biases and Penetration Testing first appeared on Offensive Security. Read the original…

Read more →

This article has been indexed from Offensive Security Learn about upcoming changes to the OSCP exam structure. New changes will better reflect the current PWK materials and the skills needed to be a successful information security professional. The post OSCP…

Read more →

This article has been indexed from Offensive Security Our Learn subscriptions now include two new courses: SOC-200 (for cyber defense roles like SOC Analysts and Threat Hunters) & WEB-200 (for App Security Analysts and Web App Pentesters). Learn about each…

Read more →

This article has been indexed from Offensive Security … Read more » The post Some Thoughts on Teaching Hacking first appeared on Offensive Security. Read the original article: Some Thoughts on Teaching Hacking

Read more →

This article has been indexed from Offensive Security Tristram (aka gh0x0st) shares with us some tips for using python to automate nmap and other parts of your penetration testing process. The post Pythonizing Nmap first appeared on Offensive Security. Read…

Read more →

This article has been indexed from Offensive Security Have you subscribed to the OffSec Training Library? Learn about the development and release of the new OffSec course downloads feature. The post Downloads in Subscriptions first appeared on Offensive Security. Read…

Read more →

This article has been indexed from Offensive Security Hear from Jim O’Gorman, Chief Content and Strategy Officer on the value he sees in the new Learn One and Learn Unlimited subscriptions. The post The Value of SubscriptionsBy Jim O’Gorman first…

Read more →

This article has been indexed from Offensive Security Hear from Jim O’Gorman, Chief Content and Strategy Officer on the value he sees in the new Learn One and Learn Unlimited subscriptions. The post The Value of SubscriptionsBy Jim O’Gorman first…

Read more →

This article has been indexed from Offensive Security The OffSec Training Library is a subscription-based cybersecurity training platform. Discover more about our Learn One and Learn Unlimited subscriptions. The post New OffSec Training Library Subscriptions: Learn One and Learn Unlimited…

Read more →

This article has been indexed from Offensive Security The OffSec Training Library is a subscription-based cybersecurity training platform. Discover more about our Learn One and Learn Unlimited subscriptions. The post New OffSec Training Library Subscriptions: Learn One and Learn Unlimited…

Read more →

This article has been indexed from Offensive Security In this article, community moderator Tristram (gh0x0st) shares with us an approach to scripting payload obfuscation via PowerShell in order to avoid AV and AMSI detection. The post PowerShell Obfuscation first appeared…

Read more →

This article has been indexed from Offensive Security How do we learn hacking? What is OffSec’s teaching philosophy? We answer these questions and many more in our How We Teach Hacking webinar. The post Learning how to hack has a…

Read more →

This article has been indexed from Offensive Security Discord Server Updates Server Statistics It’s been nearly a month since we’ve migrated the community from our Rocket.chat self-hosted platform to Discord.  Before Rocket.chat closed, we had roughly 8200 users with 200…

Read more →

This article has been indexed from Offensive Security Students can now take advantage of their PWK Labs IT network, with the addition of 5 RECENTLY retired OSCP exam machines. Read on to learn more about why we’ve made these changes.…

Read more →

This article has been indexed from Offensive Security Microsoft seems to be continuously expanding and evolving its set of security mitigations designed and implemented for Windows 10. In this blog post, we’ll examine an upcoming security feature called eXtended Flow…

Read more →

This article has been indexed from Offensive Security Microsoft seems to be continuously expanding and evolving its set of security mitigations designed and implemented for Windows 10. In this blog post, we’ll examine an upcoming security feature called eXtended Flow…

Read more →

Apple recently fixed three vulnerabilities in macOS 11.3’s Preferences. Here we present our writeup about how we identified one of the issues, and how we exploited it. The post CVE-2021-1815 – macOS local privilege escalation via Preferences first appeared on…

Read more →

Read the original article: Intel CET In Action In this article, we’ll examine how effective CET is at mitigating real-world exploits that make use of ROP or stack based buffer overflow vulnerabilities. The post Intel CET In Action first appeared…

Read more →

Read the original article: Understanding the tools/scripts you use in a Pentest In this blog post Offensive Security will explain why you should take the time to understand and learn about your tools before you run them. The post Understanding…

Read more →

Read the original article: What’s New for April 2021 We’re spilling the details! Find out what’s new and what’s coming with this monthly recap of what’s happening at Offensive Security. The post What’s New for April 2021 first appeared on…

Read more →

Read the original article: What’s New for April 2021 We’re spilling the details! Find out what’s new and what’s coming with this monthly recap of what’s happening at Offensive Security. The post What’s New for April 2021 first appeared on…

Read more →

Read the original article: The Broader Application of Pentesting Skills Learn how the fundamental skills taught in Penetration Testing with Kali Linux (PWK) are applicable beyond a career in pentesting. The post The Broader Application of Pentesting Skills first appeared…

Read more →

Read the original article: The Broader Application of Pentesting Skills Learn how the fundamental skills taught in Penetration Testing with Kali Linux (PWK) are applicable beyond a career in pentesting. The post The Broader Application of Pentesting Skills first appeared…

Read more →

Read the original article: J3rryBl4nks’s PEN-300 Approach OSCP holder J3rryBl4nks shares his thoughts on Offensive Security’s Evasion Techniques and Breaching Defenses course. The post J3rryBl4nks’s PEN-300 Approach first appeared on Offensive Security.   Become a supporter of IT Security News…

Read more →

Read the original article: J3rryBl4nks’s PEN-300 Approach OSCP holder J3rryBl4nks shares his thoughts on Offensive Security’s Evasion Techniques and Breaching Defenses course. The post J3rryBl4nks’s PEN-300 Approach first appeared on Offensive Security.   Become a supporter of IT Security News…

Read more →

Read the original article: New Exploit Development Course: EXP-301 Get official answers to the most common questions about OffSec’s new Windows User Mode Exploit Development course and the OSED exam. The post New Exploit Development Course: EXP-301 first appeared on…

Read more →

Read the original article: New Exploit Development Course: EXP-301 Get official answers to the most common questions about OffSec’s new Windows User Mode Exploit Development course and the OSED exam. The post New Exploit Development Course: EXP-301 first appeared on…

Read more →

Read the original article: EVASION TECHNIQUES AND BREACHING DEFENSES (PEN-300) AND OSEP EXAM REVIEW What do you need to know before taking Evasion Techniques and Breaching Defenses (PEN-300)? Nullg0re gives us his review on the new course. The post EVASION…

Read more →

Read the original article: OffSec 2020 Recap Take a look back at 2020’s course launches and updates, and learn what to expect in 2021 with this year-end recap from Offensive Security. The post OffSec 2020 Recap first appeared on Offensive…

Read more →

Read the original article: OffSec 2020 Recap Take a look back at 2020’s course launches and updates, and learn what to expect in 2021 with this year-end recap from Offensive Security. The post OffSec 2020 Recap first appeared on Offensive…

Read more →

Read the original article: Proving Grounds as a Recruitment Tool Learn how Packetlabs used Offensive Security’s Proving Grounds solution to identify and hire top penetration testing talent. The post Proving Grounds as a Recruitment Tool first appeared on Offensive Security.…

Read more →

Read the original article: Student Spotlight: Perseverance with Rana Khalil OSCP holder Rana Khalil shares her journey to becoming a cybersecurity analyst and her thoughts on what it takes to succeed. The post Student Spotlight: Perseverance with Rana Khalil first…

Read more →

Read the original article: Microsoft Teams for macOS Local Privilege Escalation Security researchers at Offensive Security discovered a vulnerability in the XPC service of Microsoft Teams. Here’s how it works and how to secure it. The post Microsoft Teams for…

Read more →

Read the original article: PEN-300 Frequently Asked Questions Get official answers to the most common questions about OffSec’s new Evasion Techniques and Breaching Defenses course and the OSEP exam. The post PEN-300 Frequently Asked Questions first appeared on Offensive Security.…

Read more →

Read the original article: New Pentesting Course: PEN-300 Learn about OffSec’s new Evasion Techniques and Breaching Defenses course (PEN-300) and OSEP certification. This course is one of the replacements for CTP. The post New Pentesting Course: PEN-300 first appeared on…

Read more →

Read the original article: New Pentesting Course: PEN-300 Learn about OffSec’s new Evasion Techniques and Breaching Defenses course (PEN-300) and OSEP certification. This course is one of the replacements for CTP. The post New Pentesting Course: PEN-300 first appeared on…

Read more →

Read the original article: A Path to Success in the PWK Labs As part of our ongoing efforts to support student success, we’re introducing a new learning path for the PWK labs. Find out more – along with pass rate…

Read more →

Read the original article: TJnull’s guide to building a Home Lab Build your own home lab with this extensive guide from TJnull. He covers the why and how, offers points of consideration, and shares his top resources.   Advertise on…

Read more →

Read the original article: TJnull’s guide to building a Home Lab Build your own home lab with this extensive guide from TJnull. He covers the why and how, offers points of consideration, and shares his top resources.   Advertise on…

Read more →

Read the original article: Wekan Authentication Bypass – Exploiting Common Pitfalls of MeteorJS In this post, Dejan walks us through an authentication bypass vulnerability discovered in Wekan and reported by Offensive Security.   Advertise on IT Security News. Read the…

Read more →