top of page

Offensive Security Launches Bounty Program for User-Generated Machines

Offensive Security, the leading provider of hands-on cybersecurity training and certification, recently announced a new bounty program for user-generated content. Members of the infosecurity community can now receive cash bounties for submitting vulnerable virtual machines to Offensive Security (OffSec) that are eligible to be incorporated into the Proving Grounds training labs. OffSec is the only security training provider to offer bounty payments for content submissions, providing tangible rewards to the infosec community and expanding the content available in OffSec’s training labs.

“No matter how much training material you have consumed, the best way to demonstrate that you’ve acquired knowledge is to apply it,” said Ning Wang, CEO, Offensive Security. “By establishing this bounty program, OffSec is not only strengthening its training programs by incorporating the latest and greatest content from the community, we are offering people the chance to apply their knowledge by creating vulnerable machines and to get paid while doing it.”

Security professionals at all levels make extensive use of user generated machines to improve their skillsets and advance their careers. Many online communities, such as OffSec’s recently acquired VulnHub, exist solely for the purpose of sharing exploitable software with aspiring security professionals for training and development. Many industry professionals fortify their skillsets and build out their resumes by creating vulnerable systems that others can take advantage of. However these machines have traditionally been given away for free, making it difficult for machine developers to receive true value for their work.

With the new OffSec bounty program, members of the community can submit their exploitable applications through the OffSec portal and receive various cash bounties depending on the quality of the vulnerable system. If the machine meets OffSec’s criteria, it is incorporated into the OffSec Proving Grounds labs programs, where they remain available for free through PG Play.

Similar to bug bounty programs, the OffSec User Generated Machines program operates on payment tiers whereby different rewards are offered depending on which criteria the machine meets.

For further details on the user generated content program, read the FAQ or visit the OffSec website

About Offensive Security

Offensive Security is the leading provider of online penetration testing training and certification for information security professionals. Created by the community for the community, Offensive Security’s one-of-a-kind mix of practical, hands-on training and certification programs, virtual labs and open source projects provide practitioners with the highly-desired offensive skills required to advance their careers and better protect their organizations. Offensive Security is committed to funding and growing Kali Linux, the leading operating system for penetration testing, ethical hacking and network security assessments. For more information, visit and follow @offsectraining and @kalilinux.


bottom of page