Offensive Security certifications are the most well-recognized and respected in the industry. Courses focus on real-world skills and applicability, preparing you for real-life challenges. Online, live, and in-house courses available.
Offensive Security offers a flexible training program to support enterprises and organizations of all sizes through the OffSec Flex Program.
OffSec experts guide your team in earning the industry-leading OSCP certification with virtual instruction, live demos and mentoring.
How can source code review help penetration testers with web application security assessments? Learn the benefits of white box web app penetration testing.
Read MoreDonavan Cheah gives us some of his thoughts on the subject of penetration testing, and his journey with the AWAE course in particular.
Read MoreOffSec student Christopher M Downs takes trying harder to another level: completing (and passing) his OSCP exam in the middle of a New Orleans flood. Read more about Christopher’s inspiring journey.
Read MoreSamuel Whang, a PWK graduate, details his recommendations and a unique philosophical approach for those looking to pursue their OSCP.
This article originally appeared on Sep 24, 2019, posted by Samuel Whang. It has been posted with minor edits, with permission from the author. Original post: https://medium.com/@klockw3rk/my-oscp-guide-a-philosophical-approach-a98232bc818
Read MoreIn our last blog post, we provided an example of running an unattended network installation of Kali Linux. Our scenario covered the installation of a custom Kali configuration which contained select tools required for a remote vulnerability assessment using OpenVAS and the Metasploit Framework.
Read MoreIt’s been 7 years since we released our first version of BackTrack Linux, and the ride so far has been exhilarating. When the dev team started talking about BackTrack 6 (almost a year ago), each of us put on paper a few “wish list goals” that we each wanted implemented in our “next version”. It soon became evident to us that with our 4 year old development architecture, we would not be able to achieve all these new goals without a massive restructure, so, we massively restructured and “Kali” was born. We’ve also posted a Kali Linux teaser on the BackTrack Linux site – and that’s all we’ll say for now…
Read MoreIn one of our recent engagements, we had the opportunity to test the physical security of an organization. This assessment presented an excellent scenario for a USB HID attack, where an attacker would stealthily sneak into a server room, and connect a malicious USB device to a server with logged on console, thus compromising it. From here, the “Peensy” (Penetration Testing Teensy?) was born.
Read MoreThis guide comes from my own journey from finding a buffer overflow in an OS X application to producing a working exploit. I have reasonably good exploit development skills having completed the Penetration Testing with BackTrack and Cracking the Perimeter training courses, and working on several buffer overflow exploits. The majority of my exploit development skills are based around Windows vulnerabilities and using the OllyDBG debugger.
Read MoreAs promised, we are releasing a BackTrack 4 R1 information security and penetration testing development build to the public for hardware testing.
Read MoreThe release of BackTrack 4 unleashed a whirlwind of over 1 million downloads. Information Security specialists and Penetration Testers from all over the world showing their support and love for the product that has become the #1 Penetration Testing Distribution.
Read MoreIn the past couple of years, the economy has struck hard on organizations seeking to educate their employees. Training budgets have been cut down, and choosing the right course that will give you real Return on Investment is not an easy job. This is especially true in the offensive Information Security Training arena, where standards and qualifications are weakly defined. So how can you make sure you’re getting your money’s worth ?
Welcome to our “10 questions you should be asking your Information Security Training Provider“.
Read More
