SINCON 2024 — PEN-300 LIVE Training: Advanced Evasion Techniques & Breaching Defenses by OffSec

Evasion Techniques and Breaching Defenses (PEN-300) is an advanced penetration testing course. Learners who complete the course and pass the exam will earn the OffSec Experienced Pentester (OSEP) certification. This course builds on the knowledge and techniques taught in Penetration Testing with Kali Linux, teaching learners to perform advanced penetration tests against mature organizations with an established security function and focusing on bypassing security mechanisms that are designed to block attacks. The OSEP is one of three certifications making up the OSCE3 certification along with the OSWE for advanced web attacks and OSED for exploit development.

TRAINING PRICE

• Super Early Bird: $7,500 USD (Sign up by 30 September 2023)
• Early Bird: $8,000 USD (Sign up by 16 February 2024)
• Standard: $9,200 USD (Sign up by 31 March 2024)
• Late: $11,100 USD

BENEFITS

• Follow up to PEN-200 (PWK)
• Covers evasion and breaching techniques in greater depth
• Prepares learners for real-life Penetration Testing fieldwork

WHO IS THIS COURSE FOR?

• PEN-300 is an advanced course designed for OSCP-level penetration testers who want to develop their skills against hardened systems
• Job roles like senior penetration tester, security researcher, application penetration tester, and any software developer working on security products could benefit from the course

PREREQUISITES

• Solid ability in enumerating targets to identify vulnerabilities
• The ability to identify and exploit vulnerabilities like SQL injection, file inclusion, and local privilege escalation
• A foundational understanding of Active Directory and knowledge of basic AD attacks

SYLLABUS

This course is the next step for penetration testers who have completed the OSCP. The course covers the following topics.

• Operating System and Programming Theory
• Client Side Code Execution With Office
• Client Side Code Execution With Jscript
• Process Injection and Migration
• Introduction to Antivirus Evasion
• Advanced Antivirus Evasion
• Application Whitelisting
• Bypassing Network Filters
• Linux Post-Exploitation
• Kiosk Breakouts
• Windows Credentials
• Windows Lateral Movement
• Linux Lateral Movement
• Microsoft SQL Attacks
• Active Directory Exploitation
• Combining the Pieces
• Trying Harder: The Labs

View the full syllabus.

WHAT COMPETENCIES WILL YOU GAIN?

• Preparation for more advanced Penetration Testing fieldwork
• Knowledge of breaching network perimeter defenses through client-side attacks, evading antivirus and allow-listing technologies
• How to customize advanced attacks and chain them together

SUPPORTING YOUR JOURNEY

• 19+ hours of video
• 700-page PDF course guide
• Active learner forums
• Access to the virtual lab environment
• FREE 90 DAYS LAB ACCESS ONLINE COURSE + 1 CERT EXAM ATTEMPT
• FREE 6-MONTHS ALL ACCESS LEARN UNLIMITED SUBSCRIPTION (worth ~$3,000 USD)
• Complimentary OffSec Merchandise (View here)

TRAINER PROFILE 

Victor Khoury

Victor is a senior developer and penetration tester. He has a passion for the security field. He graduated as a civil engineer, but during his college years, he self-studied development and security to eventually become more involved in the cybersecurity field and earned his certifications. Victor started his career as a developer (Salesforce, .NET, PHP). He previously worked on auditing web apps, securing them, and doing internal penetration testing engagements. He was also responsible for coming up with a secure design for web applications/networks. Victor is obsessed with security and development and is always willing to learn. He keeps researching and learning to get deeper and deeper in this field. He would like to make an impact in the cyber field and let people know how important security is these days, and how to properly achieve it.