In this article, you can find answers to the following questions:
- What is an overview of the PEN-300 course?
- What are the prerequisites for Evasion Techniques and Breaching Defenses?
- What are the reporting requirements for PEN-300?
- What is the OSEP certification?
What is an overview of the PEN-300 course?
Advanced Evasion Techniques and Breaching Defenses covers more advanced topics of breaching network internal defenses through client-side attacks as well as evading antivirus and defeating application allow-listing technologies.
Specifically, we focus on how to customize those attacks and chain them together; for example, in an advanced Active Directory exploitation such as the compromise of an Active Directory Forest. PEN-300 does even more to prepare you for what happens in the field than PEN-200.
As a general rule, it will not specifically deal with the act of evading a blue team but rather focus on bypassing security mechanisms that are designed to block attacks.
What are the prerequisites for Evasion Techniques and Breaching Defenses?
All learners are recommended to have either taken Penetration Testing with Kali Linux (PEN-200) and passed the OSCP certification or have equivalent knowledge and skills. These skills include:
- Working familiarity with Kali Linux and the Linux command line
- Solid ability in enumeration of targets to identify vulnerabilities
- Basic scripting abilities in Bash, Python, and PowerShell
- Ability to identify and exploit vulnerabilities like SQL injection, file inclusion, and local privilege escalation
- Foundational understanding of Active Directory and knowledge of basic AD attacks
Familiarity of C# programming is a plus for this course. The full syllabus may be viewed here.
What are the reporting requirements for PEN-300?
The only report that is required for the PEN-300 course is the exam report, should you choose to attempt the OSEP certification exam.
What is the OSEP certification?
OSEP is the certification obtained from going through the PEN-300 course and passing the exam. The acronym stands for OffSec Experienced Penetration Tester.
For more information, please visit the course page and read our blog posts:
NEW Pentesting Course: PEN-300 and PEN-300 Frequently Asked Questions
STILL HAVE QUESTIONS?
Chat with the OffSec Support Team