Offensive Methodology & Analysis (OMA)

Upcoming Courses

October 15 – 26, 2018


Cost (single seat): $10,000
Course Length: 10 Days

Additional group and government discounts available. Contact Parrot Labs for more information.

 Download Course Catalog

What will you get out of OMA?

This course consists of extensive hands-on labs that allow you to gain proficiency in offensive methodologies and analysis. Upon leaving this course, you will be able to apply these techniques, tactics and procedures (TTPs) to your current cyber role.

What makes OMA unique?

You’ll perform exercises and scenarios in a sandboxed network, allowing you to practice and learn at your own pace without affecting other students.

Why should you enroll in OMA?

Learn to Exploit and Expand Access into Remote Networks Using Open Source Tools.

    • Use client-side exploits against web browsers
    • Deploy and control a botnet
    • Learn how to tunnel and pivot deep into a network


OMA teaches the essentials of remote network exploitation by demonstrating offensive methodologies in a coherent framework. In this two-week class, you’ll learn how to analyze remote networks, understand what the domain controller does, learn how to find credentials, expand access across a network, and much more!


OMA provides an in-depth look at the essentials of remote network exploitation, from scanning and enumeration of a network space down to performing client-side attacks, which are quickly becoming the most reliable vector into target networks.This course is for people who love network and computer security, programmers, and people who are responsible for protecting their organizations’ networks from threats.

In this class you will use real exploits against simulated targets. For example, you will perform spear-phishing attacks against email addresses found in your scenario. Our remote target computers will check their email and open your exploit attachments and links. All exploits are performed in a realistic network with routing, public IP addresses and domain names. But don’t worry! Our network is safely sandboxed to prevent any accidents. Parrot Labs Cyber Mission Training provides a persistent and secure training environment where you can learn and practice new skills without worry.

What topics are covered in OMA?



The course begins with an overview of the Offensive Methodology and  Information Gathering using open source tools.


The first steps include scanning networks and servers using nmap, analyzing network packets (at a low level), and using simple Python scripts to scan and enumerating remote web browsers.


Using  the Metasploit Framework (MSF)  and SOCKS proxy tunnels, accessing the network is the next step. You’ll then perform manual Cross Site Scripting (XSS) and SQL Injection to compile and deploy actual malware in order to set up a small botnet.


Once you’ve successfully entered the network, you’ll explore the Windows Registry, Offensive Digital Forensics, and Windows Active Directory queries. After gaining access to the system, you’ll search for files of interest, learn to crack passwords, and use the pass-the-hash technique to maneuver around a remote Windows network.


In the final phase, you’ll review routing and network infrastructures, analyze antivirus evasion techniques, steal credentials to gain access to routers and crack Cisco passwords.


The course concludes with a full-day capstone that combines the skills learned throughout the course.

The ACE CREDIT logo is a registered trademark of the American Council on Education and cannot be used or reproduced without the express written consent of the American Council on Education.