For a Dutch version of this text click here.

PEN-300 is an advanced self-paced online or instructor-led training for OSCP-level penetration testers who want to further develop their skills in pentesting heavily secured (hardened) systems. The training builds on the knowledge and techniques learned in the OSCP / PEN-200 training and teaches participants to perform advanced penetration tests at mature organizations that have implemented good security measures and techniques. In this training you will not specifically learn to avoid a Blue Team, but to bypass security mechanisms that are designed to block attacks. You will learn and use skills in tailoring advanced attacks and after the training you will be able to link these attacks together.

With the OSEP PEN-300 training you will receive:

• 19+ hours of video material
• 700 pages of PDF study material
• Access to active participant forums
• 60 or 90 hours of access to the associated virtual lab environment

What will I know and master after this training?

• Operating System and Programming Theory
• Client Side Code Execution With Office
• Client Side Code Execution With Jscript
• Process Injection and Migration
• Introduction to Antivirus Evasion
• Advanced Antivirus Evasion
• Application Whitelisting
• Bypassing Network Filters
• Linux Post-Exploitation
• Kiosk Breakouts
• Windows Credentials
• Windows Lateral Movement
• Linux Lateral Movement
• Microsoft SQL Attacks
• Active Directory Exploitation
• Combining the Pieces
• Trying Harder: The Labs

Exam / Certification

This classroom or online self-paced training is the official preparation for the 48-hour hands-on OSEP exam with which the associated “Offensive Security Experienced Penetration Tester” title can be obtained.

Who is the OSEP / PEN-300 training suitable for?

Experienced penetration testers

Desired minimum prior knowledge?

• Basic knowledge of Python/Bash & PowerShell scripting
• Solid skills in naming targets and identifying associated vulnerabilities
• The ability to identify and exploit vulnerabilities such as SQL injection, file inclusion and local privilege escalation
• Fundamental knowledge of Active Directory and basic AD attacks

Duration of training

5 days in class, including 365 days access to OffSec Learn One license and lab environment.

OR

Self-study online - you determine the (lab) time you need and purchase it before you take the exam

Global content

• Evasion Techniques and Breaching Defenses: General Course Information
• Operating System and Programming Theory
• Client Side Code Execution With Office
• Client Side Code Execution With Windows Script Host
• Process Injection and Migration
• Introduction to Antivirus Evasion
• Advanced Antivirus Evasion
• Application Whitelisting
• Bypassing Network Filters
• Linux Post Exploitation
• Kiosk Breakouts
• Windows Credentials
• Windows Lateral Movement
• Linux Lateral Movement
• Microsoft SQL Attacks
• Active Directory Exploitation
• Combining the Pieces
• Trying Harder: The Labs

TSTC is the exclusive Dutch OffSec Accredited Training Partner.

Via us you only purchase official and current OffSec material, including lab time and exam.