Advanced Evasion Techniques and Breaching Defenses (OSEP)

Develop advanced penetration testing skills. Learn to bypass hardened security systems and exploit complex defenses.

Essential Skills Gained

  • Custom exploit development.
  • Bypassing modern security defenses.
  • Exploiting authentication and authorization flaws.
  • Attacking Active Directory and cloud environments.

Format

  • Instructor-led
  • 5 days with lectures and hands-on labs.

Audience

  • Pentesters.
  • Web Application Developers.
  • Application Security Analysts.
  • Application Security Architects.

Description

Upcoming Course Dates

November 18-22, 2025

10:00 AM - 6:00 PM

Virtual: Online - ET

$8495

Course Outline

Evasion Techniques and Breaching Defenses: General Course Information

  • About the PEN-300 Course.

  • Provided Material.

  • Overall Strategies for Approaching the Course.

  • About the PEN-300 VPN Labs.

  • About the OSEP Exam.

Operating System and Programming Theory

  • Programming Theory.

  • Operating System and Programming Theory.

  • Client-Side Code Execution with Office.

Client-Side Code Execution with Office

  • Will You Be My Dropper.

  • Phishing with Microsoft Office.

  • Keeping Up Appearances.

  • Executing Shellcode in Word Memory.

  • PowerShell Shellcode Runner.

  • Keep That PowerShell in Memory.

  • Talking to the Proxy.

Client-Side Code Execution with Windows Script Host

  • Creating a Basic Dropper in JScript.

  • JScript and C#.

  • In-memory PowerShell Revisited.

Process Injection and Migration

  • Finding a Home for Our Shellcode.

  • DLL Injection.

  • Reflective DLL Injection.

  • Process Hollowing.

Introduction to Antivirus Evasion

  • Antivirus Software Overview.

  • Simulating the Target Environment.

  • Locating Signatures in Files.

  • Bypassing Antivirus with Metasploit.

  • Bypassing Antivirus with C#.

  • Messing with Our Behavior.

  • Office Please Bypass Antivirus.

  • Hiding PowerShell Inside VBA.

Advanced Antivirus Evasion

  • Intel Architecture and Windows 10.

  • Antimalware Scan Interface.

  • Bypassing AMSI With Reflection in PowerShell.

  • Wrecking AMSI in PowerShell.

  • UAC Bypass vs Microsoft Defender.

  • Bypassing AMSI in JScript.

Application Whitelisting

  • Application Whitelisting Theory and Setup.

  • Basic Bypasses.

  • Bypassing AppLocker with PowerShell.

  • Bypassing AppLocker with C#.

  • Bypassing AppLocker with JScript.

Bypassing Network Filters

  • DNS Filters.

  • Web Proxies.

  • IDS and IPS Sensors.

  • Full Packet Capture Devices.

  • HTTPS Inspection.

  • Domain Fronting.

  • DNS Tunneling.

Linux Post-Exploitation

  • User Configuration Files.

  • Bypassing AV.

  • Shared Libraries.

Kiosk Breakouts

  • Kiosk Enumeration.

  • Command Execution.

  • Post-Exploitation.

  • Privilege Escalation.

  • Windows Kiosk Breakout Techniques.

Windows Credentials

  • Local Windows Credentials.

  • Access Tokens.

  • Kerberos and Domain Credentials.

  • Processing Credentials Offline.

Windows Lateral Movement

  • Remote Desktop Protocol.

  • Fileless Lateral Movement.

Linux Lateral Movement

  • Lateral Movement with SSH.

  • DevOps.

  • Kerberos on Linux.

Microsoft SQL Attacks

  • MS SQL in Active Directory.

  • MS SQL Escalation.

  • Linked SQL Servers.

Active Directory Exploitation

  • AD Object Security Permissions.

  • Kerberos Delegation.

  • Active Directory Forest Theory.

  • Burning Down the Forest.

  • Going Beyond the Forest.

  • Compromising an Additional Forest.

Combining the Pieces

  • Enumeration and Shell.

  • Attacking Delegation.

  • Owning the Domain.

Trying Harder: The Labs

  • Real Life Simulations.

  • Wrapping Up.

Your Team has Unique Training Needs.

Your team deserves training as unique as they are.

Let us tailor the course to your needs at no extra cost.