Evasion Techniques and Breaching Defenses (PEN-300) is an advanced penetration testing course. It builds on the knowledge and techniques taught in Penetration Testing with Kali Linux, teaching students to perform advanced penetration tests against mature organizations with an established security function.
As a general rule, it will not specifically deal with the act of evading a blue team but rather focus on bypassing security mechanisms that are designed to block attacks. This course is one of the replacements for the Cracking the Perimeter (CTP) course — retired October 15, 2020.
This course is the next step for penetration testers who have completed the OSCP. View the syllabus. Topics covered include:
Operating System and Programming Theory
Client Side Code Execution With Office
Client Side Code Execution With Jscript
Process Injection and Migration
Introduction to Antivirus Evasion
Advanced Antivirus Evasion
Bypassing Network Filters
Windows Lateral Movement
Linux Lateral Movement
Microsoft SQL Attacks
Active Directory Exploitation
Combining the Pieces
Trying Harder: The Labs
WHAT COMPETENCIES WILL YOU GAIN?
Preparation for more advanced field work
Knowledge of breaching network perimeter defenses through client-side attacks, evading antivirus and allow-listing technologies
How to customize advanced attacks and chain them together