Introduction of Recently Retired OSCP Exam Machines in PWK Labs

Over the years our Penetration Testing with Kali Linux (PWK) course, previously known as Pentesting with BackTrack (PWB), has earned a reputation of being the de-facto standard for educational content…

eXtended Flow Guard Under The Microscope

Microsoft seems to be continuously expanding and evolving its set of security mitigations designed and implemented for Windows 10. In this blog post, we’ll examine an upcoming security feature called…

CVE-2021-1815 – macOS local privilege escalation via Preferences

Apple recently fixed three vulnerabilities in macOS 11.3’s Preferences. Although we also reported the vulnerability, it was first found by Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020). Here we presentour…

Intel CET In Action

As part of our continuous update cycles for our Advanced Windows Exploitation (AWE) class, we examine each new security mitigation and ensure we understand how it works and how it…

Understanding the tools/scripts you use in a Pentest

Earlier today a student shared with the infosec community that they failed their OSCP exam because they used a popular Linux enumeration tool called linPEAS. linPEAS is a well-known enumeration…

What’s New for April 2021

We’ve decided to try a new, “What’s New at OffSec” blog post series to share Offsec and cybersecurity industry-related news, interesting happenings, topics, thoughts and more. Admittedly inspired by Bungie’s…

The Broader Application of Pentesting Skills

Entering or advancing in an information security career requires an investment in training and certification. Whether you’re new to infosec or interested in transitioning from another industry, a few certifications…

J3rryBl4nks’s PEN-300 Approach

Guest post by J3rryBl4nks, OffSec student and OSCP holder My PEN-300 Approach My name is J3rryBl4nks. I have been in roles in information technology for 17 years. I started out…

New Exploit Development Course: EXP-301

When we announced our intention to retire our Cracking the Perimeter (CTP) course and revamp the OSCE certification, we also shared information about the courses which would replace it. Those…

OffSec 2020 Recap

2020 has been quite a year, hasn’t it? It’s been challenging in so many ways, but it was also exciting for us at OffSec. We thrive on bringing new training…