Cyber Security Category Banner Image

OffSec PEN-300 - Evasion Techniques and Breaching Defenses (OSEP) - Self-paced

  • Length 90 days access
  • Inclusions OSEP exam
Course overview
Book now

Why study this course

PEN-300 is an advanced course, designed as the next step for penetration testers who have completed the OSCP.

Evasion Techniques and Breaching Defenses (PEN-300) is an advanced penetration testing course. It builds on the knowledge and techniques taught in Penetration Testing with Kali Linux (OSCP), teaching students to perform advanced penetration tests against mature organisations with an established security function. PEN-300 teaches the skills necessary to bypass many different types of defenses while performing advanced attacks that avoid detection. As a general rule, it will not specifically deal with the act of evading a blue team but rather focus on bypassing security mechanisms that are designed to block attacks.

Students who complete the course and pass the exam earn the OffSec Experienced Penetration Tester (OSEP) certification, demonstrating their ability to perform advanced penetration tests against mature organisations.

The OSEP is one of three certifications making up the OSCE³ certification, along with the OSWE for web application security and the OSED for exploit development.

This self-paced course includes:

  • 19+ hours of video

  • 700-page PDF course guide

  • Active student forums

  • Access to virtual lab environment

  • Closed Captioning is available for this course

  • OSEP exam voucher

 About the OSEP exam:

  • The PEN-300 course and online lab prepares you for the OSEP certification

  • 48-hour exam

  • Proctored

Learn more about the exam.

Request Course Information

What you’ll learn

  • Preparation for more advanced field work

  • Knowledge of breaching network perimeter defenses through client-side attacks, evading antivirus and allow-listing technologies

  • How to customise advanced attacks and chain them together

OffSec Partner Logo - Gold Channel

OffSec at Lumify Work

Security professionals from top organisations rely on OffSec to train and certify their personnel. Lumify Work is an Official Training Partner for OffSec.

Who is the course for?

OSCP-level penetration testers who want to develop their skills against hardened systems.

Course subjects

The course covers the following topics:

  • Operating System and Programming Theory

  • Client Side Code Execution With Office

  • Client Side Code Execution With Jscript

  • Process Injection and Migration

  • Introduction to Antivirus Evasion

  • Advanced Antivirus Evasion

  • Application Whitelisting

  • Bypassing Network Filters

  • Linux Post-Exploitation

  • Kiosk Breakouts

  • Windows Credentials

  • Windows Lateral Movement

  • Linux Lateral Movement

  • Microsoft SQL Attacks

  • Active Directory Exploitation

  • Combining the Pieces

  • Trying Harder: The Labs

View the syllabus here.


  • OSCP is strongly recommended

  • Solid ability in enumerating targets to identify vulnerabilities

  • The ability to identify and exploit vulnerabilities like SQL injection, file inclusion, and local privilege escalation

  • A foundational understanding of Active Directory and knowledge of basic AD attacks


Lumify Work offers certification and training through our partnership with OffSec. This arrangement requires Lumify Work to provide your details to OffSec for course and/or exam registration purposes.

Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.

Request Course Information

Select and book a course

Can't find a date you like?

Contact sales