PEN-300: Evasion Techniques and Breaching Defenses (OSEP)

The advanced course for pentesters who need to operate against modern defenses — EDR, AV, and hardened enterprise networks. Course modules: • Operating System & Security Concepts — Windows internals, memory protection, security boundaries • Client-Side Code Execution — phishing with Office macros, HTML smuggling, JScript/VBS droppers • Process Hollowing & Injection — shellcode injection, DLL injection, reflective loading, APC injection • Antivirus & EDR Evasion — AMSI bypass, ETW patching, signature analysis, custom shellcode encoding • Application Whitelisting Bypass — AppLocker bypass, WDAC evasion, LOLBins (Living Off the Land Binaries) • Bypassing Network Filters — egress filtering evasion, domain fronting, encrypted C2 channels • Linux Post-Exploitation — enumeration, credential hunting, lateral movement on Linux networks • Kerberos Attacks (Advanced) — Kerberoasting at scale, AS-REP roasting, constrained delegation abuse • Active Directory Persistence — Golden Ticket, Silver Ticket, skeleton key, DCShadow, AdminSDHolder • MSSQL Server Attacks — linked server exploitation, xp_cmdshell, privilege escalation via SQL • Lateral Movement — WMI, PSExec, WinRM, DCOM, RDP session hijacking • Microsoft Defender Bypass — real-world techniques against Windows Defender in enterprise environments • Custom C2 Development — building implants that evade behavioral detection Built for experienced pentesters operating in hardened environments. Leads to the OSEP certification.