March 14, 2023Cheah Sin Ean, Donavan
Cheah Sin Ean, Donavan
OffSec Certified Expert 3 (OSCE3) holders have expert-level penetration testing skills. They have proven that they can craft their own exploits, review advanced source code in web apps to identify vulnerabilities, and have the skills and expertise necessary to conduct penetration tests against hardened systems.
By passing the relevant exams for EXP-301, PEN-300, and WEB-300 (AWAE) a student is automatically granted their OSCE3, demonstrating expertise in Offensive Security's three primary learning paths: Penetration Testing, Web Application Attacks, and Exploit Development.
Skills / Knowledge
- Persistent Cross-Site Scripting
- Session Hijacking
- .NET Deserialization
- Data Exfiltration
- Bypassing File Extension Filters
- Magic Hashes
- PostgreSQL Extension and User Defined Functions
- Bypassing REGEX restrictions
- Cross-Site Request Forgery
- Type Juggling
- Blind SQL Injection
- Bypassing File Upload Restrictions
- Loose Comparisons
- Bypassing Character Restrictions
- PostgreSQL Large Objects
- Debugging .NET Assemblies
- Client-side attacks
- Process injection and migration
- Antivirus Evasion
- Application Allow-Listing
- Bypassing Network Filters
- Windows and Linux Lateral Movement
- Active Directory Exploitation
- Microsoft SQL Attacks
- WinDbg Tutorial
- Stack Buffer Overflows
- Exploiting SEH Overflows
- IDA Pro
- Overcoming Space Restrictions
- Egghunters
- Shellcode from Scratch
- Reverese-engineering Bugs
- Stack Overflows and DEP/ASLR Bypass
- Format String Specifier Attacks
- Custom ROP chains and ROP Payload Decoders
Issued on
March 14, 2023
Expires on
Does not expire