Student Spotlight: Meet Mihai, a 16 year old OSCP holder
Meet Mihai, a 16 year old OSCP holder and PWK graduate out of Romania. Read more about his tremendous start and journey into infosec.
Read MoreStudent Spotlight: Flood Survivor and OSCP Graduate
OffSec student Christopher M Downs takes trying harder to another level: completing (and passing) his OSCP exam in the middle of a New Orleans flood. Read more about Christopher’s inspiring journey.
Read MoreTry Harder: From Mantra to Mindset
Our community manager, Tony Punturiero, breaks down the meaning of Offensive Security’s legendary motto “Try Harder”, and how it can help jump start your cyber career.
Read MoreWhat it means to be an OSCP
When a student earns an Offensive Security certification such as the OSCP, it is a testament to the personal investment they have made as part of a commitment to excellence. Like getting a degree from a university, no matter what happens in your life from that point forward, the fact is your earned that certification and it is yours to keep. Saying this, there are some hard truths behind the path to OSCP.
Read MoreOffensive Security Say – Try Harder!
Offsec students go through hell. They endure levels of stress and frustration beyond what is considered normal, and we at Offsec appreciate this. So much in fact, that we’ve dedicated the following song to anyone who’s taken an Offsec course, and tried harder!
Read MoreHappy Holidays from Offsec
We at Offensive Security would like to thank all of our students, customers, and friends for a wonderful 2014. Its been a busy but productive year, with major upgrades to Kali Linux, the release of Kali NetHunter, the public launch of the hosted virtual labs, the first ever Kali Linux Dojo, upgrades to our student labs, lots of interesting R&D, a bunch of 0-days and a number of other accomplishments. We enjoyed the journey with all of you and here is to a fun and productive 2015! We wanted to thank you with this video we produced for all y’all.
Read MoreQuickZip Stack BOF : A box of chocolates – part 2
Today (as promised in part 1 of the QuickZip Stack BOF exploit write-up), I will explain how to build the exploit for the quickzip vulnerability using a pop pop ret pointer from an OS dll.
At the end of part 1, I challenged you, the Offensive Security Blog reader, to try to build this exploit (using a ppr pointer from an OS dll) yourself (try hard) and to contact me if you were able to complete the exercise.
Read MoreQuickZip Stack BOF 0day: a box of chocolates
A few days ago, one of my friends (mr_me) pointed me to an application that appeared to be acting somewhat “buggy” while processing “specifically” crafted zip files. After playing with the zip file structure for a while (thanks again, mr_me, for documenting the zip file structure), I found a way to make the application crash and overwrite a exception handler structure.
In this article, I will explain the steps I took to build an exploit for this bug.
Read More