Offensive Security & Penetration Testing
Think like an attacker โ reconnaissance, exploitation, privilege escalation, Active Directory attacks, social engineering, and professional reporting.
100% Free ยท All lessons unlocked
Course Content
Foundations
Core concepts and groundwork
Engagement scoping, rules of engagement and legal basics
Reading
Passive recon โ OSINT, WHOIS and certificate transparency
Reading
Active recon โ Nmap scanning and service fingerprinting
Reading
Subdomain enumeration and attack surface mapping
Reading
Vulnerability scanning with Nessus/OpenVAS
Reading
Practice โ full recon sweep of a lab target range
Exercise
Core Skills
Essential techniques and patterns
Metasploit framework โ modules, payloads and sessions
Reading
Buffer overflows โ stack basics and shellcode concepts
Reading
Privilege escalation on Linux โ SUID, cron, kernel exploits
Reading
Privilege escalation on Windows โ services, tokens, DLL hijack
Reading
Password cracking โ Hashcat, John the Ripper and wordlists
Reading
Practice โ exploit and escalate privileges on a HackTheBox-style VM
Exercise
Applied Practice
Hands-on, real-world scenarios
Exploiting OWASP Top 10 vulnerabilities end-to-end
Reading
Burp Suite Professional workflow for manual testing
Reading
Man-in-the-middle attacks โ ARP spoofing and SSL stripping
Reading
Active Directory attacks โ Kerberoasting and pass-the-hash
Reading
Lateral movement and pivoting through networks
Reading
Practice โ compromise an Active Directory lab environment
Exercise
Advanced Topics
Deeper, more complex material
Wireless security โ WPA2/WPA3 attacks and rogue APs
Reading
Social engineering tactics โ phishing and pretexting
Reading
Building a phishing simulation with GoPhish
Reading
Physical security and badge-cloning awareness
Reading
Red team vs pentest vs purple team engagements
Reading
Practice โ run a phishing simulation campaign
Exercise
Production & Scale
Building for the real world
Persistence mechanisms and command-and-control basics
Reading
Data exfiltration techniques and detection evasion
Reading
Covering tracks vs ethical reporting obligations
Reading
Writing an executive summary and technical findings report
Reading
CVSS scoring and remediation prioritisation
Reading
Practice โ write a professional pentest report from lab findings
Exercise
Mastery & Capstone
Projects and final review
Project brief โ full-scope external + web app engagement
Reading
Recon, scan and identify the attack chain
Exercise
Exploit, escalate privileges and move laterally
Exercise
Document evidence and CVSS-score every finding
Exercise
Capstone โ submit full penetration test report
Project
100% Free ยท All lessons unlocked
Topic Overview
What you'll learn
- Core concepts and fundamentals of Offensive Security & Penetration Testing
- Industry best practices and design patterns
- Hands-on exercises with real-world scenarios
- Performance optimization and advanced techniques
- Building production-ready applications