دسته: OffSec

Let’s delve into the “Get Good at Python” learning path offered by OffSec. This curated cybersecurity path aims to enhance your Python skills and empower you with practical knowledge. Here’s what you can expect from this learning journey:

  1. Foundational Python Skills:
    • Dive into Python essentials, including syntax, data types, and control structures.
    • Learn how to write efficient and clean Python code.
    • Explore common libraries and modules used in Python development.
  2. Web Application Security with Python:
    • Understand how Python is leveraged in web security.
    • Explore topics such as input validation, authentication, and secure coding practices.
    • Learn about common vulnerabilities and how Python can be used to mitigate them.
  3. Automating Security Tasks:
    • Discover how Python can streamline security operations.
    • Automate repetitive tasks, such as scanning, reporting, and log analysis.
    • Gain insights into scripting for penetration testing and vulnerability assessment.
  4. Advanced Python Techniques:
    • Delve into more complex Python concepts.
    • Explore topics like multithreading, networking, and data manipulation.
    • Learn how to build custom tools and scripts for specific security scenarios.
  5. Real-World Projects and Challenges:
    • Apply your Python skills to practical scenarios.
    • Work on hands-on projects related to cybersecurity.
    • Tackle challenges that simulate real-world situations.

By completing this learning path, you’ll be well-equipped to wield Python effectively in the realm of cybersecurity. Whether you’re a beginner or looking to level up your existing Python expertise, the “Get Good at Python” path provides a comprehensive and practical approach to mastering this versatile programming language.

OffSec – Get Good at Python

ادامه مطلب

This is  a collection of Offensive Security’s curated cyber security learning paths These learning paths are designed to provide a comprehensive understanding of various cyber security domains, such as network penetration testing, web application security, wireless security, secure software development, and cloud security . Each learning path is tailored to suit the needs of cyber security enthusiasts, from beginners to advanced learners

ادامه مطلب

Learn the foundations of cybersecurity defense with Foundational Security Operations and Defensive Analysis (SOC-200), a course designed for job roles such as Security Operations Center (SOC) Analysts and Threat Hunters. Learners gain hands-on experience with a SIEM, identifying and assessing a variety of live, end-to-end attacks against a number of different network architectures. Learners who complete the course and pass the exam earn the OffSec Defense Analyst (OSDA) certification, demonstrating their ability to detect and assess security incidents.

Syllabus

  • Attacker Methodology Introduction
  • Windows Endpoint Introduction
  • Windows Server Side Attacks
  • Windows Client-Side Attacks
  • Windows Privilege Escalation
  • Windows Persistence
  • Linux Endpoint Introduction
  • Linux Server Side Attacks
  • Network Detections
  • Antivirus Alerts and Evasion
  • Network Evasion and Tunneling
  • Active Directory Enumeration
  • Windows Lateral Movement
  • Active Directory Persistence
  • SIEM Part One: Intro to ELK
  • SIEM Part Two: Combining the Logs

SOC-200: Foundational Security Operations and Defensive Analysis

ادامه مطلب

Advanced macOS Control Bypasses (EXP-312) is our first macOS security course. It’s an offensive logical exploit development course for macOS, focusing on local privilege escalation and bypassing the operating system’s defenses. EXP-312 is an advanced course that teaches the skills necessary to bypass security controls implemented by macOS, and exploit logic vulnerabilities to perform privilege escalation on macOS systems. Learners who complete the course and pass the exam earn the OffSec macOS Researcher (OSMR) certification.

Syllabus

  • Introduction to macOS internals
  • Debugging, Tracing   Hopper
  • Shellcoding in macOS
  • Dylib Injection
  • Mach and Mach injection
  • Hooking
  • XPC exploitation
  • Sandbox escape
  • Attacking privacy (TCC)
  • Symlink attacks
  • Kernel code execution
  • macOS Pentesting

EXP-312: Advanced macOS Control Bypasses

ادامه مطلب

Windows User Mode Exploit Development (EXP-301) is a course that teaches learners the basics of modern exploit development. Despite being a fundamental course, it is at the 300 level because it relies on substantial knowledge of assembly and low level programming. It begins with basic buffer overflow attacks and builds into learning the skills needed to crack the critical security mitigations protecting enterprises. Learners who complete the course and pass the exam earn the OffSec Exploit Developer (OSED) certification. The OSED is one of three certifications making up the OSCE³ certification along with the OSEP for advanced penetration testing and OSWE for web application security.

Syllabus

  • WinDbg tutorial
  • Stack buffer overflows
  • Exploiting SEH overflows
  • Intro to IDA Pro
  • Overcoming space restrictions: Egghunters
  • Shellcode from scratch
  • Reverse-engineering bugs
  • Stack overflows and DEP/ASLR bypass
  • Format string specifier attacks
  • Custom ROP chains and ROP payload decoders

EXP-301: Windows User Mode Exploit Development

ادامه مطلب

Advanced Web Attacks and exploitation (WEB-300) is an advanced web application security course that teaches the skills needed to conduct white box web app penetration tests. Learners who complete the course and pass the exam earn the OffSec Web Expert (OSWE) certification and will demonstrate mastery in exploiting front-facing web apps. The OSWE is one of three certifications making up the OSCE³ certification along with the OSEP for advanced pentesting and OSED for exploit development.

Syllabus

  • JavaScript Prototype Pollution
  • Advanced Server-Side Request Forgery (SSRF)
  • Web security tools and methodologies
  • Source code analysis
  • Persistent cross-site scripting
  • Session hijacking
  • .NET deserialization
  • Remote code execution
  • Blind SQL injection
  • Data exfiltration
  • Bypassing file upload restrictions and file extension filters
  • PHP type juggling with loose comparisons
  • PostgreSQL Extension and User Defined Functions
  • Bypassing REGEX restrictions
  • Magic hashes
  • Bypassing character restrictions
  • UDF reverse shells
  • PostgreSQL large objects
  • DOM-based cross site scripting (black box)
  • Server-side template injection
  • Weak random token generation
  • XML external entity injection
  • RCE via database functions
  • OS command injection via WebSockets (black box)

WEB-300: Advanced Web Attacks and Exploitation

ادامه مطلب