OffSec Official Learning & Channel Partner

The modern attacker's perspective — as a skill inside your team.

We deliver the full OffSec catalog across DACH, MENA and GCC — for individual learners and enterprise teams. Trainers who actually pentest between courses.

OSCPOSEPOSWEOSWAOSDAOSIROSTHOSEDOSMROSWPOSCCOSAI
For individual learners

Certify what you already know — or build a new specialisation.

From entry-level to senior consultant: we guide you through OSCP, OSEP, OSWE, OSDA and the rest of the OffSec catalog — with 1:1 mentoring, exam prep, and access to real attack scenarios from our live engagements.

  • OSCP bootcamps led by active pentesters.
  • EUR invoicing via German bank account — no credit card required.
  • 1:1 mentoring and exam prep.
  • Career paths: pentester, red teamer, SOC analyst, threat hunter.
For enterprise teams

Audit-ready skill evidence for your security team — at OffSec standard.

Learn Enterprise is the platform solution for whole teams: reassignable licences, progress reporting, LMS integration and onboarding paths that make new hires productive in weeks rather than months. We deliver the full OffSec catalog plus DACH-localised support, TIBER-/DORA-aligned vendor processes, and trainers who actually pentest between courses.

  • Reassignable licences when staff move on.
  • Progress and certification reporting for audit evidence.
  • LMS integration and structured onboarding paths.
  • Cyber ranges: live attack scenarios instead of slide decks.
  • Vendor onboarding aligned with ISO 27001, BSI IT-Grundschutz, TIBER-EU and DORA.
Why Exploit Labs — instead of OffSec direct

Original OffSec curriculum. Local support, EUR billing, regulatory clarity.

Local expertise, in your language

Original OffSec courses combined with local-language support and 1:1 mentoring — so your team applies what they learn.

Regulatory safety

Based in Germany. Meets ISO 27001, BSI IT-Grundschutz, TIBER-EU and DORA requirements. Vendor due diligence and third-party risk assessments without friction.

Billing in EUR

Payment via German bank account in Euro. No cross-border transactions, no FX risk, no credit-card requirement.

Exclusive extras

Beyond standard OffSec bootcamps: extra trainings, 1:1 mentoring, and access to attack scenarios from our live engagements.

Trainers with a dual role

Our trainers are active red team consultants and pentesters — with real project experience from banks, insurers and critical infrastructure.

Strategic partner

From first enquiry to sustained capability — including career guidance, exam prep, and follow-on engagements.

The full OffSec catalog

From foundational level to senior exploit development.

SEC-100OSCC-SEC

CyberCore — Security Essentials

Foundational · Offensive

Solid entry-level foundation: offensive and defensive techniques, network and system admin, scripting, cloud security and secure coding. Hands-on labs plus a 6-hour proctored exam with Attack, Defend and Build phases.

PEN-200OSCP

Penetration Testing with Kali Linux

200 · Offensive

The globally recognised pentesting standard. Plan attacks, compromise networks, exploit vulnerabilities — in realistic lab environments. Ends in OSCP, the international benchmark for penetration testers.

PEN-210OSWP

Foundational Wireless Network Attacks

Foundational · Wireless

Solid foundation in wireless pentesting. Analyse WiFi networks, exploit weaknesses. Ideal for practitioners deepening their wireless security skills. Ends in OSWP.

PEN-300OSEP

Advanced Evasion Techniques & Breaching Defenses

300 · Offensive

Senior-level advanced penetration testing. EDR evasion, bypassing controls, red-team techniques in realistic scenarios. Ends in the coveted OSEP certification.

WEB-200OSWA

Foundational Web Application Assessments

200 · Offensive

Hands-on coverage of the most common web weaknesses: SQL injection, XSS, session hijacking and more. For developers and security professionals mastering web application security. Ends in OSWA.

WEB-300OSWE

Advanced Web Attacks & Exploitation

300 · Offensive

Complex web attacks in a white-box environment. Deep code analysis, exploit chaining, authentication bypasses. Ends in OSWE — a must for web security specialists.

SOC-200OSDA

Security Operations & Defensive Analysis

200 · Defensive

For aspiring SOC analysts and threat hunters. SIEM-based practice: detect, analyse and respond to attacks. Ends in OSDA — evidence of solid defensive security skills.

IR-200OSIR

Foundational Incident Response

200 · Defensive

The full incident response lifecycle: preparation, detection, containment, eradication, recovery, post-mortem. Hands-on labs in forensics, communications, case management and malware analysis. Ends in OSIR.

TH-200OSTH

Foundational Threat Hunting

200 · Defensive

Core threat hunting skills: threat landscape analysis (APTs, ransomware), endpoint and network IoC detection, proactive methods without pre-defined indicators. Challenge lab plus OSTH certification.

EXP-301OSED

Windows User Mode Exploit Development

300 · Exploit Dev

Entry to Windows exploit development: bypass DEP and ASLR, build ROP chains, write shellcode. Ends in OSED — evidence of deep Windows security and exploit-dev expertise.

EXP-312OSMR

Advanced macOS Control Bypasses

300 · Exploit Dev

Focused on macOS exploits and privilege escalation. Assess Apple systems for weaknesses, bypass controls deliberately. Ends in OSMR — specialist status for macOS security research.

SJD-100OSCC-SJD

Secure Java Development Essentials

Foundational · Secure Coding

For developers: secure Java programming, common attack scenarios, best practices. OSCC-SJD positions you as the go-to voice in secure coding and development teams.

Plans & pricing

From CyberCore to Learn Enterprise.

Course + Cert Bundle and Learn One are single-course packages: at checkout you pick one course from the OffSec catalog (OSCP, OSEP, OSWE, OSDA …). Learn Enterprise gives your team access to the entire catalog — see the table below for the exact differences.

Already know what you need? Head straight to checkout. Still weighing options? Get in touch — we'll help you pick. Prices in EUR, net, plus statutory VAT.

FeatureCyberCore™Course + Cert BundleLearn OneLearn Enterprise
Lab access (days)36590365365
Exam attempts212 + 1× KLCP + 1× OSWP6 per seat/year · KLCP/OSWP unlimited
100-level courses
200- & 300-level courses
Fundamentals learning paths
Proving Grounds Play
Proving Grounds Practice
PEN-103 access
PEN-210 accessoptional
Reassignable licence5+ seats
Price (net, +VAT)€800€1.545€2.425€5.500+
CyberCore™
€800 + VAT

One-time · EUR invoice · VAT calculated at checkout.

Course + Cert Bundle
€1.545 + VAT

One-time · EUR invoice · VAT calculated at checkout.

Learn One
€2.425 + VAT

One-time · EUR invoice · VAT calculated at checkout.

Learn Enterprise
€5.500 / seat / year · + VAT
Subtotal: 27,500
Exploit Bootcamps

Game of Active Directory — 2-day Windows AD hacking with Kali Linux.

Our own bootcamps — on-site in Reykjavík and Dubai or fully remote in German. Hands-on attack paths: enumeration, Kerberos attacks, lateral movement, domain dominance. Prices per format below (net, plus VAT).

What is Game of Active Directory (GOAD v3)?

GOAD is Orange Cyberdefense's open-source Active Directory lab — now the de-facto standard for practising real-world Windows AD attack techniques. Version 3 uses Ansible to spin up a full multi-forest with two domains (sevenkingdoms.local and north.sevenkingdoms.local) plus a trust-linked essos.local — five Windows servers, an IIS web host and an MSSQL host, intentionally misconfigured.

In the bootcamp you work the full chain: unauthenticated recon and AS-REP roasting, LLMNR/NBT-NS poisoning with Responder, SMB relay against unhardened hosts, Kerberoasting and silver/golden tickets, ACL abuse (GenericAll, WriteDACL) via BloodHound, delegation attacks (unconstrained, constrained, RBCD), coercion via PetitPotam, MSSQL linked-server abuse, ADCS abuse (ESC1/ESC8), and cross-domain / cross-forest movement using SID history and trust tickets — all the way to enterprise admin.

All you need is a laptop with Kali Linux (VM or native). Everything else — toolchain, cheat-sheets, attack paths — is provided.

Exploit Online (DE)
129 € + VAT

Game of Active Directory · 2 days

  • Online · German
  • 1–2 Dec 2026 · Remote
Or request invoice / group booking
Join the waiting list
Exploit Iceland — live bootcamp logoExploit Iceland
999 € + VAT

Game of Active Directory · 2 days

  • Reykjavík
  • 15–16 Oct 2026 · Venue: TBA
Or request invoice / group booking
Join the waiting list
Exploit Dubai — live bootcamp logoExploit Dubai
999 € + VAT

Game of Active Directory · 2 days

  • Dubai
  • 5–6 Nov 2026 · Venue: TBA
Or request invoice / group booking
Join the waiting list
Red Blue Alliance · Partner Trainings

OffSec live trainings with our partner Red Blue Alliance.

We co-deliver selected OffSec courses with Red Blue Alliance. Registration and pricing directly at redbluealliance.com.

PEN-200 · OSCP+

Penetration Testing with Kali Linux

  • 31 Aug – 04 Sep 2026 · Frankfurt · 5-day intensive · Guaranteed
  • 27 Oct – 19 Nov 2026 · Online · 4 Tuesdays 9–17 CET · from 5 attendees
Dates & pricing on Red Blue Alliance
AI-300 · OSAI+ (Neu)

Advanced AI Red Teaming

  • Coming soon · 8×4 h online (14–18 CET) · Waiting list
Dates & pricing on Red Blue Alliance
The difference

A decade of live-earned exploits

Supplementary material from ten years of live operations — techniques you won't find in a slide deck.

Trainers who run live engagements

Not full-time trainers — practitioners who actually pentest and run red team engagements between courses.