Provided by

Enquire about this course


OffSec Cyber Range (OCR) offers the most realistic hands-on, in-depth labs on the market that emulate enterprise environments, allowing your team to hone their technical, mental, and tactical skills in recognising and handling real-world incidents. OCR is tightly integrated with the OffSec learning library academy, to help the learners discover and gain new skills and knowledge as they sharpen their skills in OCR.

OCR Red ;Attack; is the perfect Red Teamer environment to continually advance and develop red team skills.



OCR is a simulated real-world cyber environment containing commonly seen network configurations and vulnerabilities. The labs are updated regularly with the latest exploit vectors for the offensive and defensive teams to:
  • Sharpen their skills and stay up to date on the latest cyber threats
  • Be confident knowing they are qualified to do their job well, in the constantly changing cyber world.
  • 75+ machines
  • 30+ networks
  • 17 chains
  • 13 single machines
  • Individual instances of all OCR machines
  • Powered up on demand
  • Enterprise Reporting
  • Sort by attack types
  • Access Mission Objectives
  • New attack type
Attack Types

OCR Red ;Attack; is the perfect Red Teamer environment to continually advance and develop red team skills and prepare for your OffSec exam. Attacks types include:
  • Windows and Linux machines: Explore vulnerabilities and misconfigurations specific to both Windows and Linux operating systems. Gain insights into privilege escalation, lateral movement, and post-exploitation techniques on these platforms.
  • Active Directory: Understand the importance of Active Directory (AD) in many corporate environments and learn how to exploit AD misconfigurations, weak authentication, and insecure permissions.
  • Web application: Learn about common web application vulnerabilities, like cross-site scripting (XSS), SQL injection, and remote code execution, to effectively assess and secure web applications.
  • Phishing attacks: Delve into social engineering techniques used to deceive individuals and trick them into revealing sensitive information or performing actions that compromise security.
  • Supply chain attacks: Examine attacks that exploit vulnerabilities in the supply chain to compromise hardware, software, or services before they reach the end-users.
  • CVE attacks: Study how attackers leverage known vulnerabilities (CVEs) in software and systems to gain unauthorized access or execute malicious code.
  • XDay attacks: Explore targeted attacks, zero-day vulnerabilities, and sophisticated intrusion techniques employed by advanced persistent threats (APTs) and nation-state actors.


Start date Location / delivery
No fixed date United Kingdom Book now
01132207150 01132207150

Related article

The Cyber Pulse is QA's new portal to free Cyber content, including on-demand webinars, articles written by leading experts,