What it means to be an OSCP

When a student earns an Offensive Security certification such as the OSCP, it is a testament to the personal investment they have made as part of a commitment to excellence. Like getting a degree from a university, no matter what happens in your life from that point forward, the fact is your earned that certification and it is yours to keep. Saying this, there are some hard truths behind the path to OSCP.

Read More

MASSCAN Web Interface

A couple of weeks ago, we had the opportunity to scan and map a large IP address space covering just over 3 million hosts. Our tool of choice for this was the fast and capable masscan, which is packaged in Kali. While masscan has several convenient output formats, such as binary and XML, one feature we were missing was an easy way to search our results. We quickly whipped up a little web interface that would allow us to import and search within a masscan XML output file. This feature proved very useful for us – as once we identified a specific vulnerable pattern on a machine, we could easily cross reference this pattern with over the millions of discovered hosts in our database.

Read More

What’s New with Exploit Database?

New Features in the Exploit Database

Over the past 6 years, we have been maintaining and updating the Exploit Database on a daily basis, which now boasts over 35,000 exploits. While we constantly work on improving our back-end and entry quality. Over the years there haven’t really been any updates to the front-end, which has traditionally stayed ominously dark and foreboding. As you may have already seen this changed about two weeks ago, with the introduction of the new and improved Exploit Database website.

… Read more »

Read More

Offensive Security Say – Try Harder!

Offsec students go through hell. They endure levels of stress and frustration beyond what is considered normal, and we at Offsec appreciate this. So much in fact, that we’ve dedicated the following song to anyone who’s taken an Offsec course, and tried harder!

Read More

Happy Holidays from Offsec

We at Offensive Security would like to thank all of our students, customers, and friends for a wonderful 2014. Its been a busy but productive year, with major upgrades to Kali Linux, the release of Kali NetHunter, the public launch of the hosted virtual labs, the first ever Kali Linux Dojo, upgrades to our student labs, lots of interesting R&D, a bunch of 0-days and a number of other accomplishments. We enjoyed the journey with all of you and here is to a fun and productive 2015! We wanted to thank you with this video we produced for all y’all.

Read More

Professional Penetration Testing Labs

For the past few months, we have been quietly beta testing and perfecting our new Enterprise Penetration Testing Labs, or as we fondly call it, the “Offensive Security Proving Grounds (PG)”. Today, we are proud to unveil our hosted penetration testing labs – a safe virtual network environment designed to be attacked and penetrated as a means of learning and sharpening your penetration testing skills. The new design of the Proving Grounds include multiple interconnected subnets with a wide array of modern operating systems, including Active Directory domains, Citrix systems, corporate Antivirus solutions as well as Intrusion Prevention Systems which attackers must learn to cope with.

Read More

Kali Nexus NetHunter 1.0.2

It’s been a week since our release of the Kali Linux NetHunter, and the feedback is amazing. A NetHunter community has sprung up from nowhere, and the forums and github pages are really active. We’re completely stoked about this community response, and are eager to see it grow. After an intense week of community testing and a slew of bugfixes (including shellshock), we thought it would be a good opportunity to release a NetHunter update. Please welcome NetHunter 1.0.2.

Read More

Disarming EMET v5.0

In our previous Disarming Emet 4.x blog post, we demonstrated how to disarm the ROP mitigations introduced in EMET 4.x by abusing a global variable in the .data section located at a static offset. A general overview of the EMET 5 technical preview has been recently published here.

Read More

Disarming Enhanced Mitigation Experience Toolkit (EMET)

With the emergence of recent Internet Explorer Vulnerabilities, we’ve been seeing a trend of EMET recommendations as a path to increasing application security. A layered defense is always helpful as it increases the obstacles in the path of an attacker. However, we were wondering how much does it really benefit? How much harder does an attacker have to work to bypass these additional protections? With that in mind, we started a deep dive into EMET.

Read More

Exploit Database Hosted on GitHub

We have recently completed some renovations on the Exploit Database backend systems and moved the EDB exploit repository to Github. This means that it’s now easier than ever to copy, clone or fork the whole repository. The previous SVN CVS has been retired.

Read More

Bug Bounty Program Insights

With the nature of our business, we at Offensive Security take our system security very seriously and we appreciate the benefits of having “the crowd” scrutinize our internet presence for bugs. For this reason, we recently started our own Bug Bounty Program, which provides incentives for researchers to inform us of possible vulnerabilities in our sites in exchange for cash rewards.

Read More

Penetration Test Report 2013

We are proud to release a new, updated, sample penetration test report. This report accurately reflects the types of assessments we conduct for our clients. It incorporates changes we have made over the last two years based on customer feedback, as well as reflecting many of the types of attacks we have found to be effective in multiple customer environments.

Read More

Advanced Windows Exploitation Vienna

The Advanced Windows Exploitation (AWE) class in Vienna is coming up quick! This will be our first time teaching the class outside of the US and is the only public planned AWE this year outside of BlackHat Vegas. We have secured a beautiful facility on the 24th floor of the Millennium Tower on the Vienna waterfront, and still have a couple of seats left open. So if you are interested in coming now is the time to take action!

Read More