We can host this training at your preferred location. Contact us!

Evasion Techniques and Breaching Defenses (PEN-300) is an advanced penetration testing course. Learners who complete the course and pass the exam will earn the OffSec Experienced Pentester (OSEP) certification. This course builds on the knowledge and techniques taught in Penetration Testing with Kali Linux, teaching learners to perform advanced penetration tests against mature organisations with an established security function and focuses on bypassing security mechanisms that are designed to block attacks. The OSEP is one of three certifications making up the OSCE³ certification along with the OSWE for advanced web attacks and OSED for exploit development.

Solid ability in enumerating targets to identify vulnerabilities
The ability to identify and exploit vulnerabilities like SQL injection, file inclusion, and local privilege escalation
A foundational understanding of Active Directory and knowledge of basic AD attacks

Bypass defences
Perform advanced attacks while avoiding detection
Compromise systems configured with security in mind
Those who complete the course and pass the 48-hour exam earn the Offensive Security Experienced Penetration Tester (OSEP) certification
Preparation for more advanced field work
Knowledge of breaching network perimeter defences through client-side attacks, evading antivirus and allow-listing technologies
How to customise advanced attacks and chain them together

About the Exam

The PEN-300 course and online lab prepares you for the OSEP certification
48-hour exam
Proctored

Module 1 - Operating System and Programming Theory

Programming Theory
Operating System and Programming Theory
Client Side Code Execution With Office

Module 2 - Client Side Code Execution With Office

Will You Be My Dropper
Phishing with Microsoft Office
Keeping Up Appearances
Executing Shellcode in Word Memory
PowerShell Shellcode Runner
Keep That PowerShell in Memory
Talking To The Proxy
Wrapping Up

Module 3 - Client Side Code Execution With Windows Script Host

Creating a Basic Dropper in Jscript
Jscript and C#
In-memory PowerShell Revisited
Wrapping Up

Module 4 - Process Injection and Migration

Finding a Home for Our Shellcode
DLL Injection
Reflective DLL Injection
Process Hollowing
Wrapping Up

Module 5 - Introduction to Antivirus Evasion

Antivirus Software Overview
Simulating the Target Environment
Locating Signatures in Files
Bypassing Antivirus with Metasploit
Bypassing Antivirus with C#
Messing with Our Behaviour
Office Please Bypass Antivirus
Hiding PowerShell Inside VBA
Wrapping Up

Module 6 - Advanced Antivirus Evasion

Intel Architecture and Windows 10
Antimalware Scan Interface
Bypassing AMSI With Reflection in PowerShell
Wrecking AMSI in PowerShell
UAC Bypass vs Microsoft Defender
Bypassing AMSI in JScript
Wrapping Up

Module 7 - Application Whitelisting

Application Whitelisting Theory and Setup
Basic Bypasses
Bypassing AppLocker with PowerShell
Bypassing AppLocker with C#
Bypassing AppLocker with JScript
Wrapping Up

Module 9 - Bypassing Network Filters

DNS Filters
Web Proxies
IDS and IPS Sensors
Full Packet Capture Devices
HTTPS Inspection
Domain Fronting
DNS Tunnelling
Wrapping Up

Module 10 - Linux Post-Exploitation

User Configuration Files
Bypassing AV
Shared Libraries
Wrapping Up

Module 11 - Kiosk Breakouts

Kiosk Enumeration
Command Execution
Post-Exploitation
Privilege Escalation
Windows Kiosk Breakout Techniques
Wrapping Up

Module 12 - Windows Credentials

Local Windows Credentials
Access Tokens
3 Kerberos and Domain Credentials
Processing Credentials Offline
Wrapping Up

Module 13 - Windows Lateral Movement

Remote Desktop Protocol
Fileless Lateral Movement
Wrapping Up

Module 14 - Linux Lateral Movement

Lateral Movement with SSH
DevOps
Kerberos on Linux
Wrapping Up

Module 15 - Microsoft SQL Attacks

MS SQL in Active Directory
MS SQL Escalation
Linked SQL Servers
Wrapping Up

Module 16 - Active Directory Exploitation

AD Object Security Permissions
Kerberos Delegation
Active Directory Forest Theory
Burning Down the Forest
Going Beyond the Forest
Compromising an Additional Forest
Wrapping Up

Module 17 - Combining the Pieces

Enumeration and Shell
Attacking Delegation
Owning the Domain
Wrapping Up

Module 18 Trying Harder: The Labs

Real Life Simulations
Wrapping Up

OffSec PEN-300 (OSEP) Training Course in Norway

The Nordic country Norway, is in Northern Europe. Known for its stunning natural beauty, including fjords, mountains, and forests, Norway is also famous for its high standard of living and strong social welfare system. Norway's capital and largest city is Oslo. Tromsø, Bergen, Trondheim and Stavanger are the other tourist attracting cities of Norway.

Norway is a constitutional monarchy with King Harald V as the head of state. The country has a population of 5,425,270 as of January 2022. Norway is a relatively small country and has a relatively low population density, with much of its land area covered by forests, mountains, and fjords. Despite its small size, Norway is known for its rich cultural heritage, strong economy, and stunning natural beauty, which attracts millions of visitors every year. This Nordic country is also known for its winter sports, such as skiing and snowboarding, and is a popular destination for outdoor enthusiasts.

Norway has a long history of invention and is home to numerous more top-tier tech firms and research facilities, such as; Kongsberg Gruppen, Telenor, Atea, Evry and Gjensidige Forsikring.

Due to the country's high latitude, there are large seasonal variations in daylight. From late May to late July, the sun never completely descends beneath the horizon. Which attracts many tourists around the world to see the "Land of the Midnight Sun". Tourists mainly visit Sognefjord, Norway's Largest Fjord, Pulpit Rock, one of the most photographed sites in Norway and of course the capital; Oslo.

Oslo is considered the business center of Norway. It is the country's largest city and the capital of Norway. The city is home to many of Norway's largest and most important companies, as well as several international organizations and research institutions. Additionally, the city is a popular tourist destination, known for its scenic location on the Oslo Fjord, its many museums and cultural attractions, and its vibrant nightlife and dining scene. Some of the most popular museums in Oslo are The Norwegian Museum of Cultural History, The Nobel Peace Center, The National Museum of Art, Architecture, and Design, The Munch Museum and The Vigeland Museum.

OffSec PEN-300 (OSEP) Training in Norway

Upcoming Trainings

Related Trainings

OffSec PEN-300 (OSEP) Training in Norway

Prerequisites

What You Will Learn

Outline

Upcoming Trainings

Related Trainings