Category: Offensive Security

OffSec Yearly Recap 2022

A comprehensive OffSec yearly recap: revisit some of the highlights, wins and important cybersecurity training themes that guided us through 2022. The post OffSec Yearly Recap 2022 first appeared on Offensive Security. This article has been indexed from Offensive Security…

FREE WHITEPAPER: SELECTING THE BEST INFORMATION SECURITY TRAINING

In this free guide, Offensive Security provides 6 essential points to consider when you’re evaluating information security training. The post FREE WHITEPAPER: SELECTING THE BEST INFORMATION SECURITY TRAINING first appeared on Offensive Security. This article has been indexed from Offensive…

FREE GUIDE – WEB APPLICATION SECURITY

In this free guide, Offensive Security provides 5 essential best practices for web application security, plus many more helpful nuggets of info and advice. The post FREE GUIDE – WEB APPLICATION SECURITY first appeared on Offensive Security. This article has…

Free Ebook: OSCP & PEN-200 Prep

Read the free ebook and get prepared for the OSCP exam with expert tips and deep dive through your PEN-200 experience. The post Free Ebook: OSCP & PEN-200 Prep first appeared on Offensive Security. This article has been indexed from…

Offensive Security Guide: EXP-301

Download the free guide to learn more about the Windows User Mode Exploit Development (EXP-301) course. The post Offensive Security Guide: EXP-301 first appeared on Offensive Security. This article has been indexed from Offensive Security Read the original article: Offensive…

Exploit Database 2022 Update

We’re sharing some significant updates to Exploit Database, one of OffSec’s community projects. The post Exploit Database 2022 Update first appeared on Offensive Security. This article has been indexed from Offensive Security Read the original article: Exploit Database 2022 Update

See Yourself in Cyber with OffSec: Cloud Security

As part of Cybersecurity Awareness Month 2022, we share out insights on starting a career in cloud security, together with key skills, prerequisites, career outlook, and much more. The post See Yourself in Cyber with OffSec: Cloud Security first appeared…

See Yourself in Cyber with OffSec: Security Operations

As part of Cybersecurity Awareness Month 2022, we share a complete guide to starting a career in security operations and defense. The post See Yourself in Cyber with OffSec: Security Operations first appeared on Offensive Security. This article has been…

See Yourself in Cyber with OffSec: Security Operations

As part of Cybersecurity Awareness Month 2022, we share a complete guide to starting a career in security operations and defense. The post See Yourself in Cyber with OffSec: Security Operations first appeared on Offensive Security. This article has been…

See Yourself in Cyber with OffSec: Penetration Testing

As part of the Cybersecurity Awareness Month 2022, we share a complete guide to starting a career as a penetration tester. The post See Yourself in Cyber with OffSec: Penetration Testing first appeared on Offensive Security. This article has been…

In the Hunt for the Auto Login Setup Process

OffSec’s Csaba Fitzl shares how he reverse-engineered the macOS auto-login process, including the walls he hit, and the times he resorted to trial-and-error approaches. The post In the Hunt for the Auto Login Setup Process first appeared on Offensive Security.…

Bypassing Intel CET with Counterfeit Objects

In this blog, we’ll briefly cover how CFI mitigations works, including CET, and how we can leverage COOP to effectively bypass Intel CET on the latest Windows releases. The post Bypassing Intel CET with Counterfeit Objects first appeared on Offensive…

Offensive Security Online Community BBQ Event

Join our OffSec bbq event for the chance to win some swag! Make your favorite bbq meal and share photos on Discord. Pic with the most yums will be the winner. The post Offensive Security Online Community BBQ Event first…

Introduction to Car Hacking: The CAN Bus

The CAN bus (Controller Area Network bus) is a central network that a vehicle communicates with its components. We can think of this in regard to the fact that the vehicle has many functions that operate via electrical signals. The…

Start Studying Security with SQLi

We previously explored how Cross-Site Scripting (XSS) makes for an excellent topic to understand the reach and impact of hacking. In this post, we’ll improve on conceptual understanding and try to help non-technical folks understand one of the core issues of information…

New and Improved: Learn Fundamentals

We’re excited to announce updates and new features to Learn Fundamentals that include new course Topics, badges and assessments, and much more! The post New and Improved: Learn Fundamentals first appeared on Offensive Security. This article has been indexed from…

Helping Educational Institutions Align to NCAE-C

This article has been indexed from Offensive Security Learn about how Offensive Security helps educational institutions align to the National Center of Academic Excellence (NCAE-C) requirements. The post Helping Educational Institutions Align to NCAE-C first appeared on Offensive Security. Read…

Celebrate the Release of Our 100th PG-Practice Machine

This article has been indexed from Offensive Security We’re celebrating the release of our 100th PG-Practice machine by showcasing the evolution of our labs since their inception. The post Celebrate the Release of Our 100th PG-Practice Machine first appeared on…

OffSec Live

This article has been indexed from Offensive Security OffSec Live: PEN-200 is a free streaming program that will facilitate interactive learning and preparedness for the OSCP. Join us on Twitch and Discord! The post OffSec Live first appeared on Offensive…

Join Our #BetheResource Challenge

This article has been indexed from Offensive Security Protect your org from cyber threats by investing in hands-on cybersecurity skills training. Learn about how you can get the most out of your training budget. The post Join Our #BetheResource Challenge…

Clarifying Hacking with XSS

This article has been indexed from Offensive Security … Read more » The post Clarifying Hacking with XSS first appeared on Offensive Security. Read the original article: Clarifying Hacking with XSS

What the Pandemic Has Taught Us

This article has been indexed from Offensive Security OffSec’s CEO Ning Wang shares five lessons she’s learned from the pandemic. Lesson one – people are more clear about the important things in life. The post What the Pandemic Has Taught…

New Subscription: Learn Fundamentals

This article has been indexed from Offensive Security Learn Fundamentals is the newest addition to the OffSec Training Library! Discover more about this entry-level cybersecurity training plan. The post New Subscription: Learn Fundamentals first appeared on Offensive Security. Read the…

New Subscription: Learn Fundamentals

This article has been indexed from Offensive Security Learn Fundamentals is the newest addition to the OffSec Training Library! Discover more about this entry-level cybersecurity training plan. The post New Subscription: Learn Fundamentals first appeared on Offensive Security. Read the…

Modernizing our Certificates and Badges

This article has been indexed from Offensive Security We’re modernizing our certifications! Learn more about why we changed the issuance of accreditations from paper to digital certifications and badges. The post Modernizing our Certificates and Badges first appeared on Offensive…

A Student Mentor’s EXP-312 and OSMR Learning Experience

This article has been indexed from Offensive Security EXP-312 is a logical exploit development course for macOS. An OffSec Student Mentor shared details about his EXP-312 experience and the OSMR exam. The post A Student Mentor’s EXP-312 and OSMR Learning…

Introduction to Game Hacking

This article has been indexed from Offensive Security Explore our guided introduction to game hacking. Learn how data in memory can be manipulated to achieve results that are outside the normal program design. The post Introduction to Game Hacking first…

5 Tips to Get a Cybersecurity Job With No Experience

This article has been indexed from Offensive Security Land that entry-level cybersecurity position! We share five tips to get a cybersecurity job with no experience, with insight from two OffSec employees. The post 5 Tips to Get a Cybersecurity Job…

5 Tips to Get a Cybersecurity Job With No Experience

This article has been indexed from Offensive Security Land that entry-level cybersecurity position! We share five tips to get a cybersecurity job with no experience, with insight from two OffSec employees. The post 5 Tips to Get a Cybersecurity Job…

Introducing Topic Exercises

This article has been indexed from Offensive Security Topic Exercises within PEN-200 (PWK) give students a more trackable, interactive learning experience. Read on to discover more about this new feature. The post Introducing Topic Exercises first appeared on Offensive Security.…

Microsoft OneDrive for macOS Local Privilege Escalation

This article has been indexed from Offensive Security Security researchers at Offensive Security discovered a vulnerability in the XPC service of Microsoft OneDrive. Here’s how it works and how to secure it. The post Microsoft OneDrive for macOS Local Privilege…

OffSec Standalone Course Pricing Changes

This article has been indexed from Offensive Security The Offensive Security standalone course pricing is changing. This blog will discuss the removal of 30 and 60-day options and changes to the OSCP price. The post OffSec Standalone Course Pricing Changes…

What to Expect From the New OSCP Exam

This article has been indexed from Offensive Security Three of our Student Mentors share their experiences to help you get familiar with the new OSCP exam environment. Read on to learn more about the new exam changes, their findings, and…

Cognitive Biases and Penetration Testing

This article has been indexed from Offensive Security Jeremy Miller shares with us his thoughts on cognitive biases and how they relate to penetration testing. The post Cognitive Biases and Penetration Testing first appeared on Offensive Security. Read the original…

OSCP Exam Change

This article has been indexed from Offensive Security Learn about upcoming changes to the OSCP exam structure. New changes will better reflect the current PWK materials and the skills needed to be a successful information security professional. The post OSCP…

Learn Subscriptions: Course Structure and New Courses

This article has been indexed from Offensive Security Our Learn subscriptions now include two new courses: SOC-200 (for cyber defense roles like SOC Analysts and Threat Hunters) & WEB-200 (for App Security Analysts and Web App Pentesters). Learn about each…

Some Thoughts on Teaching Hacking

This article has been indexed from Offensive Security … Read more » The post Some Thoughts on Teaching Hacking first appeared on Offensive Security. Read the original article: Some Thoughts on Teaching Hacking

Pythonizing Nmap

This article has been indexed from Offensive Security Tristram (aka gh0x0st) shares with us some tips for using python to automate nmap and other parts of your penetration testing process. The post Pythonizing Nmap first appeared on Offensive Security. Read…

Downloads in Subscriptions

This article has been indexed from Offensive Security Have you subscribed to the OffSec Training Library? Learn about the development and release of the new OffSec course downloads feature. The post Downloads in Subscriptions first appeared on Offensive Security. Read…

The Value of SubscriptionsBy Jim O’Gorman

This article has been indexed from Offensive Security Hear from Jim O’Gorman, Chief Content and Strategy Officer on the value he sees in the new Learn One and Learn Unlimited subscriptions. The post The Value of SubscriptionsBy Jim O’Gorman first…

The Value of SubscriptionsBy Jim O’Gorman

This article has been indexed from Offensive Security Hear from Jim O’Gorman, Chief Content and Strategy Officer on the value he sees in the new Learn One and Learn Unlimited subscriptions. The post The Value of SubscriptionsBy Jim O’Gorman first…

PowerShell Obfuscation

This article has been indexed from Offensive Security In this article, community moderator Tristram (gh0x0st) shares with us an approach to scripting payload obfuscation via PowerShell in order to avoid AV and AMSI detection. The post PowerShell Obfuscation first appeared…

Learning how to hack has a long feedback loop.

This article has been indexed from Offensive Security How do we learn hacking? What is OffSec’s teaching philosophy? We answer these questions and many more in our How We Teach Hacking webinar. The post Learning how to hack has a…

What’s New at OffSec – May 2021

This article has been indexed from Offensive Security Discord Server Updates Server Statistics It’s been nearly a month since we’ve migrated the community from our Rocket.chat self-hosted platform to Discord.  Before Rocket.chat closed, we had roughly 8200 users with 200…

eXtended Flow Guard Under The Microscope

This article has been indexed from Offensive Security Microsoft seems to be continuously expanding and evolving its set of security mitigations designed and implemented for Windows 10. In this blog post, we’ll examine an upcoming security feature called eXtended Flow…

eXtended Flow Guard Under The Microscope

This article has been indexed from Offensive Security Microsoft seems to be continuously expanding and evolving its set of security mitigations designed and implemented for Windows 10. In this blog post, we’ll examine an upcoming security feature called eXtended Flow…

Intel CET In Action

Read the original article: Intel CET In Action In this article, we’ll examine how effective CET is at mitigating real-world exploits that make use of ROP or stack based buffer overflow vulnerabilities. The post Intel CET In Action first appeared…

Understanding the tools/scripts you use in a Pentest

Read the original article: Understanding the tools/scripts you use in a Pentest In this blog post Offensive Security will explain why you should take the time to understand and learn about your tools before you run them. The post Understanding…

What’s New for April 2021

Read the original article: What’s New for April 2021 We’re spilling the details! Find out what’s new and what’s coming with this monthly recap of what’s happening at Offensive Security. The post What’s New for April 2021 first appeared on…

What’s New for April 2021

Read the original article: What’s New for April 2021 We’re spilling the details! Find out what’s new and what’s coming with this monthly recap of what’s happening at Offensive Security. The post What’s New for April 2021 first appeared on…

The Broader Application of Pentesting Skills

Read the original article: The Broader Application of Pentesting Skills Learn how the fundamental skills taught in Penetration Testing with Kali Linux (PWK) are applicable beyond a career in pentesting. The post The Broader Application of Pentesting Skills first appeared…

The Broader Application of Pentesting Skills

Read the original article: The Broader Application of Pentesting Skills Learn how the fundamental skills taught in Penetration Testing with Kali Linux (PWK) are applicable beyond a career in pentesting. The post The Broader Application of Pentesting Skills first appeared…

J3rryBl4nks’s PEN-300 Approach

Read the original article: J3rryBl4nks’s PEN-300 Approach OSCP holder J3rryBl4nks shares his thoughts on Offensive Security’s Evasion Techniques and Breaching Defenses course. The post J3rryBl4nks’s PEN-300 Approach first appeared on Offensive Security.   Become a supporter of IT Security News…

J3rryBl4nks’s PEN-300 Approach

Read the original article: J3rryBl4nks’s PEN-300 Approach OSCP holder J3rryBl4nks shares his thoughts on Offensive Security’s Evasion Techniques and Breaching Defenses course. The post J3rryBl4nks’s PEN-300 Approach first appeared on Offensive Security.   Become a supporter of IT Security News…

New Exploit Development Course: EXP-301

Read the original article: New Exploit Development Course: EXP-301 Get official answers to the most common questions about OffSec’s new Windows User Mode Exploit Development course and the OSED exam. The post New Exploit Development Course: EXP-301 first appeared on…

New Exploit Development Course: EXP-301

Read the original article: New Exploit Development Course: EXP-301 Get official answers to the most common questions about OffSec’s new Windows User Mode Exploit Development course and the OSED exam. The post New Exploit Development Course: EXP-301 first appeared on…

OffSec 2020 Recap

Read the original article: OffSec 2020 Recap Take a look back at 2020’s course launches and updates, and learn what to expect in 2021 with this year-end recap from Offensive Security. The post OffSec 2020 Recap first appeared on Offensive…

OffSec 2020 Recap

Read the original article: OffSec 2020 Recap Take a look back at 2020’s course launches and updates, and learn what to expect in 2021 with this year-end recap from Offensive Security. The post OffSec 2020 Recap first appeared on Offensive…

Proving Grounds as a Recruitment Tool

Read the original article: Proving Grounds as a Recruitment Tool Learn how Packetlabs used Offensive Security’s Proving Grounds solution to identify and hire top penetration testing talent. The post Proving Grounds as a Recruitment Tool first appeared on Offensive Security.…

Student Spotlight: Perseverance with Rana Khalil

Read the original article: Student Spotlight: Perseverance with Rana Khalil OSCP holder Rana Khalil shares her journey to becoming a cybersecurity analyst and her thoughts on what it takes to succeed. The post Student Spotlight: Perseverance with Rana Khalil first…

Microsoft Teams for macOS Local Privilege Escalation

Read the original article: Microsoft Teams for macOS Local Privilege Escalation Security researchers at Offensive Security discovered a vulnerability in the XPC service of Microsoft Teams. Here’s how it works and how to secure it. The post Microsoft Teams for…

PEN-300 Frequently Asked Questions

Read the original article: PEN-300 Frequently Asked Questions Get official answers to the most common questions about OffSec’s new Evasion Techniques and Breaching Defenses course and the OSEP exam. The post PEN-300 Frequently Asked Questions first appeared on Offensive Security.…

New Pentesting Course: PEN-300

Read the original article: New Pentesting Course: PEN-300 Learn about OffSec’s new Evasion Techniques and Breaching Defenses course (PEN-300) and OSEP certification. This course is one of the replacements for CTP. The post New Pentesting Course: PEN-300 first appeared on…

New Pentesting Course: PEN-300

Read the original article: New Pentesting Course: PEN-300 Learn about OffSec’s new Evasion Techniques and Breaching Defenses course (PEN-300) and OSEP certification. This course is one of the replacements for CTP. The post New Pentesting Course: PEN-300 first appeared on…

A Path to Success in the PWK Labs

Read the original article: A Path to Success in the PWK Labs As part of our ongoing efforts to support student success, we’re introducing a new learning path for the PWK labs. Find out more – along with pass rate…

TJnull’s guide to building a Home Lab

Read the original article: TJnull’s guide to building a Home Lab Build your own home lab with this extensive guide from TJnull. He covers the why and how, offers points of consideration, and shares his top resources.   Advertise on…

TJnull’s guide to building a Home Lab

Read the original article: TJnull’s guide to building a Home Lab Build your own home lab with this extensive guide from TJnull. He covers the why and how, offers points of consideration, and shares his top resources.   Advertise on…