=

Course Foundation (PEN-300)

The OSEP certification is based on the PEN-300 course, focusing on advanced penetration testing against hardened targets with mature defenses. This course moves beyond off-the-shelf tools, teaching you to develop custom exploits and evade modern detection systems.

Core Topics

Dive deep into advanced tradecraft with our comprehensive curriculum:

Client-Side Attacks & Social Engineering

Craft malicious Office documents and Windows Script Host payloads for advanced phishing and user exploitation.

EDR & AV Evasion

Bypass Endpoint Detection & Response and Antivirus on Windows/Linux using in-memory payload delivery.

Application Whitelisting Bypass

Execute code despite restrictive policies using Living-off-the-land techniques (PowerShell, WMI, .NET).

Privilege Escalation & Lateral Movement

Master advanced Windows tradecraft including credential harvesting, persistence, Kerberoasting, DCOM abuse, and Linux post-exploitation.

Active Directory Exploitation

Exploit AD misconfigurations and SQL servers to pivot through highly segmented networks.

Custom Payload Development

Develop custom shellcode, loaders, and C2 channels utilizing reflection-based stealth techniques.

Exam Structure

48-Hour Exam

A grueling 48-hour practical exam testing your endurance and skills.

Objective Based

Compromise six targets with multiple objectives to capture ten total flags.

Professional Report

Submission of a professional penetration test report is required for certification.

Recommended Background

  • Prior OSCP certification or equivalent skills is highly recommended.
  • Strong knowledge of Windows internals, Linux exploitation, and scripting (Python, C#, PowerShell).
  • Comfort with manual exploitation and custom tooling.

Lab Environment

Practice your skills in our extensive lab environment featuring:

  • 50+ Lab Solves: Tackle over 50 challenging lab machines and scenarios.
  • Real-World Simulation: Experience environments with mature defenses and segmentation.