Evasion Techniques and Breaching Defences from Offensive Security

Online, Self-Paced

Evasion Techniques and Breaching Defenses (PEN-300) is an advanced penetration testing course. It builds on the knowledge and techniques taught in Penetration Testing with Kali Linux, teaching students to perform advanced penetration tests against mature organizations with an established security function. As a general rule, it will not specifically deal with the act of evading a blue team but rather focus on bypassing security mechanisms that are designed to block attacks. This course is one of the replacements for the Cracking the Perimeter (CTP) course, which was retired October 15, 2020. Students will learn how to: Bypass defenses Perform advanced attacks while avoiding detection Compromise systems configured with security in mind Those who complete the course and pass the 48-hour exam earn the Offensive Security Experienced Penetration Tester (OSEP) certification. The OSEP is one of three certifications making up the new OSCE³ certification, along with the OSWE for web application security and the OSED for exploit development.

Learning Objectives

Preparation for more advanced field work Knowledge of breaching network perimeter defenses through client-side attacks, evading antivirus and allow-listing technologies How to customize advanced attacks and chain them together

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

Exploitation Analysis
Vulnerability Assessment and Management

Overall Proficiency Level

3 - Advanced

Course Catalog Number

PEN-300

Course Prerequisites

We strongly suggest that students taking PEN-300 have either taken PWK and passed the OSCP certification, or have equivalent knowledge and skills in the following areas: Working familiarity with Kali Linux and Linux command line Solid ability in enumerating targets to identify vulnerabilities Basic scripting abilities in Bash, Python, and PowerShell Identifying and exploiting vulnerabilities like SQL injection, file inclusion, and local privilege escalation Foundational understanding of Active Directory and knowledge of basic AD attacks Familiarity with C# programming is a plus

Training Purpose

Functional Development

Skill Development

Specific Audience

All

Delivery Method

Online, Self-Paced

More courses from this provider:

Offensive Security

Contact Information

Offensive Security
230 Park Avenue
3rd Floor
New York, NY 10169

Visit course page for more information on Evasion Techniques and Breaching Defences

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.