Official Training Partner

Home Courses PEN-300: Evasion Techniques and Breaching Defenses

PEN-300: Evasion Techniques and Breaching Defenses

Develop advanced ethical hacking skills, including executing client-side attacks, bypassing application whitelisting, and performing advanced Active Directory attacks
Earn OffSec’s Experienced Penetration Tester (OSEP) certification upon passing the exam

4.5

Successfully delivered 49 sessions for over 91 professionals

Certification & Provider Information

Certification

OSEP

Certification Body

Offensive Security

Course Provided By

OffSec

PEN-300 is an advanced penetration testing course for experienced offensive security practitioners. Building on the skills taught in PEN-200, PEN-300 focuses on real-world techniques for breaching and operating within hardened targets and mature organizations with established security programs. The course emphasizes hands-on development of techniques and tooling, encouraging learners to move beyond off-the-shelf solutions and craft custom approaches that work against modern defenses and evolving cyber threats.

Learners will practice advanced offensive techniques covering client-side exploitation, social engineering, credential theft, lateral movement, privilege escalation, and persistence. The curriculum teaches how to evade detection from EDR and AV solutions, live off the land, and exploit application and operating system weaknesses across Windows and Linux environments.

What You’ll Learn

Advanced offensive techniques and tool development
Learn when to use common frameworks such as Metasploit and when to build custom toolchains or exploits tailored to the target environment.

Client-side attacks and social engineering
Design and execute convincing client-side vectors that compromise users and applications, including advanced phishing methods.

EDR and AV evasion
Master advanced antivirus evasion tactics, detection avoidance strategies, process migration, and in-memory payload delivery techniques.

Privilege escalation and lateral movement
Chain exploits to escalate privileges on Windows and Linux hosts, leverage Active Directory weaknesses, and reduce exposure created by a single misconfiguration or vulnerability.

Advanced Windows offensive tradecraft
Cover Windows-specific techniques such as credential harvesting, exploitation of administrative groups, persistence mechanisms, reflection-based stealth techniques, and executing staged payloads directly in memory.

Application exploitation
Find and exploit weaknesses in modern application stacks, including Java and JavaScript components, and craft reliable attack vectors against web and enterprise applications.

Maintaining access and post-exploitation
Implement advanced methods for persistence, data exfiltration, and long-term control while minimizing detection risk and protecting sensitive data.

Course Structure and Hands-on Work

PEN-300 is organized into 20-plus modules. Each module begins with theory and then moves into practical application through hands-on exercises and code examples. Many modules include video walk-throughs for visual learners. After completing the modules, learners apply what they learned in seven Challenge Labs that simulate complex, realistic engagements and prepare them for the OSEP exam. The exam requires demonstration of the ability to identify, exploit, and report on vulnerabilities, including the development of custom exploits, reflecting professional pen test reporting standards.

Prerequisites

This course is intended for those with a strong foundation in offensive security. We expect students to have completed PEN-200 and passed OSCP+ or to possess equivalent knowledge and experience. Learners should be comfortable with operating systems, TCP/IP networking, scripting (for example Python or Bash), and basic exploit development. Without that base, students may find the material challenging.

Certification

Upon successful completion of the proctored exam, learners earn OffSec’s Experienced Penetration Tester certification, OSEP, validating practical pen testing capability in advanced offensive security engagements.

Develop client-side attack techniques using Microsoft Office and other common applications, including building a reliable attack vector

Master antivirus evasion methods and tools

Bypass application whitelisting mechanisms like AppLocker

Implement advanced lateral movement strategies in Windows and Linux environments

Conduct sophisticated Active Directory exploitation and attacks to uncover hidden vulnerabilities

Evade network detection systems, including IDS and IPS

Perform advanced exploitation of Microsoft SQL and Active Directory

Use advanced programming concepts and Win32 APIs for attack development

The PEN-300 course is ideal for:

Experience penetration testers and security professionals
Those seeking to master advanced penetration testing methodologies
Existing OSCP+ certification holders

While the completion of PEN-200 (Penetration Testing with Kali Linux) is not a formal prerequisite, it is highly recommended due to the advanced nature of PEN-300.

All learners are recommended to have either taken Penetration Testing with Kali Linux (PEN-200) and passed the OSCP+ certification or have equivalent knowledge and skills.

These skills include:

Working familiarity with Kali Linux and the Linux command line
Solid ability in the enumeration of targets to identify vulnerabilities
Basic scripting abilities in Bash, Python, and PowerShell
Ability to identify and exploit vulnerabilities like SQL injection, file inclusion, and local privilege escalation
Foundational understanding of Active Directory and knowledge of basic AD attacks
Familiarity of C# programming is a plus for this course

Up to 40 (ISC)² CPE credits

Course Information

Course Code: OSEP
Duration: Self Paced
Level: Foundation
Language: English
Delivery Mode: E-Learning Self-Paced

Need Help Choosing?

Talk to our course advisor for personalized guidance

Felice.deangelis@proficegroup.it

Course Curriculum

Operating System and Programming Theory

Study memory management, process scheduling, file systems, and other essential OS components, gaining a solid foundation for understanding and exploiting vulnerabilities

Client-Side Code Execution with Office

Focus on leveraging known vulnerabilities in Microsoft Office applications to craft malicious documents that trigger code execution on a victim’s machine, gaining unauthorized access and control

Client-Side Code Execution with Jscrip

Exploit Jscript for code execution attacks, gaining unauthorized access and control of machines in Windows environments

Process Injection and Migration

Master the art of stealth and persistence by injecting malicious code into legitimate running processes, migrating between processes to evade detection and maintain control when processes are terminated

Introduction to Antivirus Evasion

Create malware that goes undetected with basic techniques like obfuscation and packing to bypass and evade antivirus software

Advanced Antivirus Evasion

Use advanced methods like signature-based and heuristic-based evasion to create malware that goes undetected by complex antivirus solutions

Application Whitelisting

Bypass security measures intended to restrict the execution of unauthorized software

Bypassing Network Filters

Gain access to restricted resources and networks with different techniques for bypassing network filters and firewalls

Linux Post-Exploitation

Navigate file systems, manipulate user accounts, extract sensitive information, and establish persistent backdoors on compromised Linux systems

Windows Post-Exploitation

Navigate file systems, manipulate user accounts, extract sensitive information, and establish persistent backdoors on compromised Windows systems

Kiosk Breakouts

Break out of restricted kiosk environments like ATMs or point-of-sale terminals to gain control of their operating systems

Windows Credentials

Use different methods and techniques to extract valuable credentials like passwords and hashes from Windows systems

Windows Lateral Movement

Exploit trust relationships, leverage vulnerabilities in services and protocols with tools like PsExec and Mimikatz to gain access to systems throughout a compromised Windows network

Linux Lateral Movement

Exploit trust relationships, leverage vulnerabilities in services and protocols to gain access to systems throughout a compromised Linux network

Microsoft SQL Attacks

Attack vulnerabilities in Microsoft SQL Server databases to extract sensitive data, escalate privileges, and gain control over entire systems

Active Directory Exploitation

Exploit vulnerabilities in Active Directory to compromise domains in Windows networks

Combining the Pieces

Combine multiple exploits, techniques, and tools to create complex, multi-stage attacks to bypass multiple layers of security

Trying Harder

Apply your knowledge and skills in challenging, real-world scenarios with complex network environments, hardened security measures, and realistic attack scenarios

Course Pricing Options

Choose the package that best fits your learning needs

Self Paced Learning - 90 Days Access

Access for 90 days to Full-elearning on demand in English + Labs + exam voucher

Regular Price

€ 1,946.00

Self Paced Learning - 365 Days Access

Access for 90 days to Full-elearning on demand in English + Labs + exam voucher

Regular Price

€ 3,000.00

Early Bird Discount

Book 30 days in advance for 5% OFF

Group Discounts

10% OFF for >3 participants

Send Course Enquiry

Fill out the form and we will get back to you within 24 hours

Full Name *

Email Address *

Phone Number *

Training Mode *

Company Name (Optional)

Your Message *

Email: felice.deangelis@proficegroup.it

Whatsapp: +39 393 390 9401

Why Choose Profice?

India's Leading Training Partner with Proven Track Record

Official Partner

Authorized Training Partner delivering official curriculum

Expert Instructors

Learn from certified professionals with 10+ years experience

Hands-on Labs

Real-world projects and 24/7 lab environment access

95% Pass Rate

Industry-leading certification exam success rate

Job Assistance

Dedicated placement support with 500+ hiring partners

Lifetime Support

Ongoing mentorship and community access after course

Ready to Transform Your Career?

Join thousands of professionals who have achieved their certification goals with us

Enroll Now

2,500+ Alumni

4.8/5 Rating

NIS2 COMPLIANCE AND NIST2 CYBERSECURITY SPECIALIST

CCSP-Certified Cloud Security Professional

CISSP - Certified Information System Security Professional

ITIL® 4 FOUNDATION

ITIL® 4 LEADER: DIGITAL AND IT STRATEGY - DITS

ITIL® 4 SPECIALIST: ACQUIRING & MANAG. CLOUD SERVICES - AMCS

ITIL® 4 Specialist: Create, Deliver & Support Certification Course and Exam - CDS

ITIL® 4 Specialist: Drive Stakeholder Value - DSV

ITIL® 4 Specialist Certification Course with Exam: High Velocity IT- HVIT

ITIL® 4 SPECIALIST: IT ASSET MANAGEMENT - IT AM

ITIL® 4 STRATEGIST: DIRECT, PLAN AND IMPROVE - DPI

PRINCE2 FOUNDATION

PRINCE2 PRACTITIONER

AI ESSENTIALS

AI+ Everyone™

AI+ Executive™

AI+ Foundation™

AI+ Prompt Engineer Level 1™

AI BUSINESS

AI+ Chief AI Officer™

AI+ Finance™

AI+ Legal™

AI+ Marketing™

AI+ Product Manager™

AI+ Project Management Practitioner™

AI+ Project Manager™

AI+ Sales™

AI SECURITY

AI+ Ethical Hacker™

AI+ Security Compliance™

AI+ Security Level 1™

AI+ Security Level 2™

AI+ Security Level 3™

AI CLOUD

AI+ Architect™

AI+ Cloud™

AI DEVELOPMENT

AI+ Developer™

AI+ Engineer™

AI+ Prompt Engineer Level 2™

AI SPECIALIZATION

AI+ Agent™

AI+ UX Designer™

AI DATA & ROBOTICS

AI+ Data Agent™

AI+ Data™

AI+ Robotics™

BLOCKCHAIN & BITCOIN

Bitcoin+ Developer™

Bitcoin+ Everyone™

Bitcoin+ Executive™

Bitcoin+ Security™

Blockchain+ Developer™

Blockchain+ Executive™

ETHICAL HACKING

CEH v13

NETWORK SECURITY

CND v3

CCT

ICS/SCADA

COMPUTER FORENSICS

CHFI

Dark Web Forensic Workshop

EC-FDDW

INCIDENT HANDLING

CTIA v2

ECIH v3

CSA v2

TIE

PEN TESTING

CPENT v2

WAHS

APPLICATION SECURITY

CASE JAVA

CASE .NET

ECDE

DSE

ENCRYPTION

ECES

EXECUTIVE MANAGEMENT

ESCM Expert Scrum Master Certified