September 2023 Content & Platform Update

The OffSec Learning Library (OLL) continues to evolve nearly daily in response to the dynamic cybersecurity landscape. With each passing month, the OLL deepens in specialized knowledge and broadens in diverse cybersecurity topics. 

This month, we’re proud to introduce a selection of 17 brand-new Learning Modules that further equip individuals and organizations with the most comprehensive and up-to-date cybersecurity learning resources available.

For those committed to building resilient software, these modules address common vulnerabilities and best practices:

• Credential Attacks for Developers
• Password Reset Vulnerabilities for Developers
• Cryptography for Web Developers

For those who specialize in identifying and exploiting vulnerabilities, these modules offer insights into advanced offensive techniques and the attacker’s mindset:

• Process Injection for Red Teamers
• Impairing Event Tracing for Windows (ETW) in User Mode
• Impairing Event Tracing for Windows (ETW) in Kernel Mode
• Windows Event Log Tampering Techniques
• Attacking Active Directory
• Hands-on SQL Injection with Python
• Firmware Analysis Basics
• Automated Firmware Unpackers
• Introduction to Embedded Systems

Navigate the complexities of cloud environments and continuous integration/continuous deployment with:

• Attacking CI/CD – Leaked Secrets to Poisoned Pipeline
• Attacking CI/CD – Insufficient Flow Control
• Attacking CI/CD – Dependency Chain Abuse

Sharpen your defensive skills and stay ahead of threats with modules focused on protection, detection, and response:

• Threat Hunting Overview
• Introduction to AD Certificate Services