<span class="font-bold">Level up your training</span> <br /> with limited-time offers

Level up your training
with limited-time offers

Individual discounts Enterprise offers

Find OffSec training for your cybersecurity role or area of responsibility

The OffSec Learning Library has training for critical cybersecurity job roles. No matter your area of expertise, OffSec provides continuous training to keep your organization secure.

Offensive Security

Defensive Security

Secure Development

IT Team cybersecurity

Entry-level

Essentials

Intermediate

Advanced

CyberCore

Gain core knowledge required for any cybersecurity role

= Course Certification

= Learning Path Badge

Network Penetration Tester Training

Simulate cyber attacks on computer systems, networks, or applications in a controlled environment. In order to identify vulnerabilities and weaknesses to assess the security posture of a target system. Pen testers help organizations understand and rectify their vulnerabilities before malicious hackers can exploit them.

PEN-200: Penetration Testing with Kali Linux (OSCP)

Introduce penetration testing methodology, tools, and techniques in a hands-on, self-paced environment.

PEN-210: Foundational Wireless Network Attacks (OSWP)

Audit and secure wireless devices and is a foundational course alongside PEN-200 and benefits those who would like to gain more skills in network security.

PEN-300: Advanced Evasion Techniques and Breaching Defenses (OSEP)

Perform advanced penetration tests against mature organizations and focus on bypassing advanced security mechanisms.

Network Penetration Testing Essentials

Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.

Red Teaming

Learn advanced techniques to emulate real-world adversaries. Master event tracing, obscure Windows event logs, and execute stealthy process injection to refine your Red Team arsenal.

Offensive Cloud Foundations

Learn to outsmart attackers and proactively defend your cloud assets in this learning path. Delve into sophisticated cloud penetration testing, CI/CD pipeline exploitation, and container escape techniques.

MITRE ATT&CK Training

Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!

Web Application Tester Training

Web application testers conduct tests on software applications, network hardware, and cloud-based systems to identify vulnerabilities.

WEB-200: Foundational Web Application Assessment with Kali Linux (OSWA)

Discover and exploit common web vulnerabilities on modern applications and exfiltrate sensitive data from applications.

WEB-300: Advanced Web Attacks and Exploitation (OSWE)

Learn the skills needed to conduct white box web app penetration tests.

Web Application Assessment Essentials

A primer for advanced web application training, blending theory with practical, hands-on experiences. Dive into core web attacker methodologies, secure coding, and critical aspects like cryptography and version control with Git.

Exploit Developer/Security Researcher/Threat Intelligence Training

An exploit developer (aka: Security researcher, aka: Threat Intelligence) is an individual who identifies and investigates vulnerabilities in software or systems with the intent of enhancing security. Once a vulnerability is discovered, the exploit developer writes code, known as an "exploit," to demonstrate how the vulnerability can be taken advantage of. This code serves as a proof-of-concept to validate the existence and potential impact of the vulnerability.

EXP-301: Windows User Mode Exploit Development (OSED)

Learn the basics of modern exploit development and security research. Start with basic buffer overflow attacks and crack the critical security mitigation protecting enterprises.

EXP-312: Advanced macOS Control Bypasses (OSMR)

An offensive logical exploit development course for macOS, focusing on local privilege escalation and bypassing the operating system’s defenses.

EXP-401: Advanced Windows Exploitation (OSEE)

Offensive logical exploit development course for macOS, focusing on local privilege escalation and bypassing the operating system’s defenses.

Exploit Development Essentials

Teaches the basics of various operating systems and their vulnerabilities. Including, essential scripting skills with Python, Bash, and other tools. In addition, students learn techniques for analyzing and writing exploits.

SOC Analyst Training

As a Security Operations Center (SOC) analyst, you are responsible for monitoring, detecting, and responding to cybersecurity threats and incidents within an organization. SOC analysts are at the front lines of an organization's defense against cyberattacks and play a pivotal role in maintaining its overall security posture.

SOC-200: Foundational Security Operations and Defensive Analysis (OSDA)

Learners gain hands-on experience with a SIEM, identifying and assessing live, end-to-end attacks against different network architectures.

Security Operations Essentials

Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.

Web System Administration Foundations

Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path

Windows System Administration Foundations

Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.

UNIX System Administration Foundations

Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor. 

Vulnerability Management Foundations

Strengthen your organization's security posture with OffSec's hands-on vulnerability management training. Learn to proactively identify and mitigate risks.

Digital Forensics & Incident Responder (DFIR) Training

Manage and mitigate security incidents within an organization. Identify, assess, and respond to security breaches, cyberattacks, or other incidents that could potentially compromise the confidentiality, integrity, or availability of an organization's data and systems.

IR-200: Foundational Incident Response (OSIR)

Build the skills needed to handle cyber incidents from detection through recovery. OffSec’s IR-200 course provides practical training to contain threats, limit damage, and ensure fast recovery, preparing learners to respond effectively to real-world attacks.

Incident Responder Foundations

Understand the essentials of incident response, from preparation and detection to recovery and post-mortem analysis. OffSec's modules are meticulously designed to provide a solid foundation for handling cyber incidents.

Threat Hunter Training

Proactively and methodically search through computer networks, endpoints, and datasets of organizations to detect and isolate advanced threats that conventional security solutions might miss.

TH-200: Foundational Threat Hunting (OSTH)

Understand the foundational aspects of threat hunting, such as the tactics of diverse threat actors, and gain hands-on experience with enterprise tools to uncover hidden threats.

Threat Hunting Foundations

Learn to identify and investigate threats, uncover potential attack techniques, and proactively improve your security posture by addressing vulnerabilities.

Security Essentials Training

Develop fundamental cybersecurity skills through hands-on exercises, learning to identify vulnerabilities, mitigate risks, and defend against cyber attacks. Gain a comprehensive understanding of core security principles, essential tools, and best practices to protect systems and data.

SEC-100: CyberCore - Security Essentials (OSCC)

CyberCore provides the essential knowledge and skills for understanding and defending against cyber threats, preparing learners for a successful cybersecurity career.

Cloud Engineer & DevSecOps Training

Secure cloud computing environments against cyber threats and ensure these systems comply with various regulatory standards including integrating security in every phase of software development and operations.

Introduction to Cloud Security

Understand and apply the fundamentals of cloud security, from Cloud Architecture and Container Technology to mastering essential security controls.

Cloud Essentials Security Training

Strengthen your cloud security proficiency with an emphasis on secure cloud practices. Develop a security-centric understanding of essential cloud technologies to confidently tackle real-world cloud challenges.

Offensive Cloud Foundations

Learn to outsmart attackers and proactively defend your cloud assets in this learning path. Delve into sophisticated cloud penetration testing, CI/CD pipeline exploitation, and container escape techniques.

GitOps Essentials

Use Git effectively, build security perspectives on Git, and practice Git hands-on. Whether you're a developer, DevOps engineer, security engineer, or in another technical role, you'll benefit from a solid understanding of Git.

DevSecOps Essentials

Modern development demands security integrated into DevOps processes. Automate infrastructure with security in mind, optimize workflows, and accelerate software delivery.

Software Developer Training

Responsible for creating computer software, software developers conceptualize software solutions, write and test code, and ensure that the final product meets the needs of users.

Introduction to Secure Software Development

Practical approach to integrating security into software design and implementation, vital for protecting digital assets.

Secure Software Development Essentials

Integrate security into every phase of the software development lifecycle from coding to deployment.

Intermediate Secure Software Development I

Fortify web applications and explore proven techniques to safeguard software and systems.

Intermediate Secure Software Development II

Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.

OWASP Top 10 - 2021 Essentials

Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.

System Administrator Training

A system administrator manages and maintains the daily operations of computer systems and networks, ensuring that hardware and software function smoothly and efficiently. They play a crucial role in implementing and enforcing cybersecurity measures to protect data from unauthorized access and cyber threats. This focus on cybersecurity is vital because it safeguards sensitive information and maintains the integrity and reliability of the technological infrastructure on which organizations depend.

Introduction to Secure Software Development

Practical approach to integrating security into software design and implementation, vital for protecting digital assets.

Secure Software Development Essentials

Integrate security into every phase of the software development lifecycle from coding to deployment.

Intermediate Secure Software Development I

Fortify web applications and explore proven techniques to safeguard software and systems.

Intermediate Secure Software Development II

Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.

OWASP Top 10 - 2021 Essentials

Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.

Exploit Development Essentials

Teaches the basics of various operating systems and their vulnerabilities. Including, essential scripting skills with Python, Bash, and other tools. In addition, students learn techniques for analyzing and writing exploits.

Security Operations Essentials

Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.

Network Penetration Testing Essentials

Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.

MITRE ATT&CK Training

Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!

MITRE D3FEND Training

3 learning paths that Build your team's defensive skill sets and address cybersecurity countermeasure components and capabilities for these three techniques.

Web System Administration Foundations

Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path

Windows System Administration Foundations

Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.

UNIX System Administration Foundations

Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor. 

IT Generalist Training

Keep systems updated with the latest software, and offer technical support to both in-house and remote users. IT generalists continually monitor network security, evaluate existing security programs, update antivirus software, and run scans to ensure network integrity.

Introduction to Secure Software Development

Practical approach to integrating security into software design and implementation, vital for protecting digital assets.

Secure Software Development Essentials

Integrate security into every phase of the software development lifecycle from coding to deployment.

Intermediate Secure Software Development I

Fortify web applications and explore proven techniques to safeguard software and systems.

Intermediate Secure Software Development II

Tackle sophisticated attacks and elevate secure coding skills. Dive into configuration hardening, and vulnerability analysis to protect web applications with greater depth.

OWASP Top 10 - 2021 Essentials

Explore OWASP’s critical risks, from Injection flaws to Broken Authentication. Gain insight into defending against Cross-Site Scripting and Insecure Deserialization.

Exploit Development Essentials

Teaches the basics of various operating systems and their vulnerabilities. Including, essential scripting skills with Python, Bash, and other tools. In addition, students learn techniques for analyzing and writing exploits.

Security Operations Essentials

Build strong fundamentals for security operations. Equip learners with fundamental skills for defensive cybersecurity challenges.

Network Penetration Testing Essentials

Get a comprehensive introduction to information security concepts and hands-on experience with tools and techniques. Understanding the basics of Linux and Windows systems and dive into scripting, networking, and cryptography.

MITRE ATT&CK Training

Aligned with the MITRE ATT&CK framework, This learning path covers nearly 70% of the skills required to match the entire attack framework including tactics like, Reconnaissance, Resource Development, Initial Access and eight more!

MITRE D3FEND Training

3 learning paths that Build your team's defensive skill sets and address cybersecurity countermeasure components and capabilities for these three techniques.

Internet of Things (IoT) Essentials

Embark on a journey into the world of embedded systems and gain a holistic understanding of their design, components, and inner workings.

Web System Administration Foundations

Build secure web infrastructure. Master web server hardening, secure coding techniques, database protection, and TLS/PKI. Take our OffSec Web System Administration Learning Path

Windows System Administration Foundations

Develop Windows system administration skills and harden infrastructure against attacks. Learn secure configuration, Active Directory, IIS, MSSQL, and more.

UNIX System Administration Foundations

Develop UNIX system administration skills and harden infrastructure against attacks. Learn to configure Debian and macOS, harden the nginx web server, and utilize advanced security controls like SELinux and AppArmor. 

DevSecOps Essentials

Modern development demands security integrated into DevOps processes. Automate infrastructure with security in mind, optimize workflows, and accelerate software delivery.