Overview

OffSec Cyber Range (OCR) offers the most realistic hands-on, in-depth labs on the market that emulate enterprise environments, allowing your team to hone their technical, mental, and tactical skills in recognising and handling real-world incidents. OCR is tightly integrated with the OffSec learning library academy, to help the learners discover and gain new skills and knowledge as they sharpen their skills in OCR.

OCR Red ‘Attack’ is the perfect Red Teamer environment to continually advance and develop red team skills.

Read more +

Outline

OCR is a simulated real-world cyber environment containing commonly seen network configurations and vulnerabilities. The labs are updated regularly with the latest exploit vectors for the offensive and defensive teams to:

  • Sharpen their skills and stay up to date on the latest cyber threats
  • Be confident knowing they are qualified to do their job well, in the constantly changing cyber world.
  • 75+ machines
  • 30+ networks
  • 17 chains
  • 13 single machines

Features

  • Individual instances of all OCR machines
  • Powered up on demand
  • Enterprise Reporting
  • Sort by attack types
  • Access Mission Objectives
  • New attack type

Attack Types

OCR Red ‘Attack’ is the perfect Red Teamer environment to continually advance and develop red team skills and prepare for your OffSec exam. Attacks types include:

  • Windows and Linux machines: Explore vulnerabilities and misconfigurations specific to both Windows and Linux operating systems. Gain insights into privilege escalation, lateral movement, and post-exploitation techniques on these platforms.
  • Active Directory: Understand the importance of Active Directory (AD) in many corporate environments and learn how to exploit AD misconfigurations, weak authentication, and insecure permissions.
  • Web application: Learn about common web application vulnerabilities, like cross-site scripting (XSS), SQL injection, and remote code execution, to effectively assess and secure web applications.
  • Phishing attacks: Delve into social engineering techniques used to deceive individuals and trick them into revealing sensitive information or performing actions that compromise security.
  • Supply chain attacks: Examine attacks that exploit vulnerabilities in the supply chain to compromise hardware, software, or services before they reach the end-users.
  • CVE attacks: Study how attackers leverage known vulnerabilities (CVEs) in software and systems to gain unauthorized access or execute malicious code.
  • XDay attacks: Explore targeted attacks, zero-day vulnerabilities, and sophisticated intrusion techniques employed by advanced persistent threats (APTs) and nation-state actors.
Read more +

Cyber Security learning paths

Want to boost your career in cyber security? Click on the roles below to see QA's learning pathways, specially designed to give you the skills to succeed.

= Required
= Certification
Application Security
Cloud Security
Information Security Management
Security Risk
Cyber Tech Generalist
DFIR Digital Forensics & Incident Response
Industrial Controls & OT Security
NIST Pathway
OffSec
Privacy Professional
Security Auditor
Secure Coding
Cyber Blue Team
Vulnerability Assessment & Penetration Testing
AI Security
Reverse Engineer
Security Architect

Offensive Cyber Operations learning paths

Want to boost your career in the world of Offensive Cyber Operations? View QA's learning pathway below, specially designed to give you the skills to succeed.

= Required