Become a Partner
Add OffSec to your list of training providers
Partner with usOffSec Wins Seven Global InfoSec Awards during RSA Conference 2024
Read blogOffSec is happy to introduce our User-Generated Content (UGC) program. The program is open to the community and successful submissions will make their way to our PG Play, PG Practice, or other lab offerings where they will be exploited by thousands of users. All UGC is subject to a strict approval process by our Labs team. If accepted, and upon the successful completion of your submission review, you will receive compensation for your efforts
Read on to learn more about the several classes of requirements. As more of these requirements are met, the higher the payout per machine.
All virtual machines submitted to OffSec via the UGC program will be reviewed in detail by our labs team. This ensures your submission meets the same high standards that the virtual machines developed in-house do. All submissions have guidelines and stipulations that you need to adhere to in order to be accepted. Please read these guidelines in detail at our FAQ here.
Approved, qualifying submissions are eligible for a reward based on tiered categories. OfSec reserves the right to refuse any submission. OffSec is wholly responsible for determining the category the submission belongs to.
Submitted systems will likely fall into one of two common scenarios:
Only authors with 200 or above level certifications are eligible for bounties greater than $300.
Only Windows** and POSIX based operating systems (UNIX/LINUX) will be accepted for review at this time. Unfortunately, we cannot accept any other proprietary or commercial operating system submissions.
Submissions may meet varying levels of completeness, which will impact the compensation offered. We have detailed requirements, including alignment with the MITRE framework, exploitation walkthroughs, and system build scripts for each submission. All of this information is detailed in our submission FAQ.
OffSec is renowned for our high standards and we apply those same standards to all submissions. Your submission will be reviewed by our labs team, who will review every detail of your virtual machine and documentation. Your compensation will be based on the contents of the submission, including the actual exploit path, the creativity demonstrated, and the completeness of the submission. The more effort you put into your submission the greater the compensation awarded to you.
Please be sure to review our FAQ, which details all requirements for a submission, in detail. If you feel you are ready please use the form below to start the process.