Course Overview

Disclaimer: As of October 15, 2020, Cracking the Perimeter(CTP) has been retired. However, the OSCE certification will always be valid. We’ve now broken down the CTP course materials into three separate courses: Advanced Web Attacks and Exploitation, Evasion Techniques and Breaching Defenses, and Windows User Mode Exploit Development. This more than doubles the content that was in Cracking the Perimeter. Students who pass all three of these courses will now obtain the new OSCE3 certification. This page will remain active for historical purposes. Please see our announcement and FAQ for more details.


Cracking the Perimeter (CTP) is the next step for penetration testers who have completed PWK. This online, self-paced ethical hacking course is among the most challenging available.

CTP focuses more on exploit development. Students learn how to identify advanced vulnerabilities and misconfigurations in various operating systems, then execute organized attacks.

Students who complete the course and pass the exam earn the Offensive Security Certified Expert (OSCE) certification. This cert proves mastery of advanced penetration testing skills. OSCEs have also demonstrated they can think laterally and perform under pressure.


Course includes a 48-hour exam.


Learn how to develop advanced exploits.


Gain access to a virtual penetration testing lab.


Earn your OSCE certification.

Certification Process

OSCE is an advanced penetration testing certification focusing on exploit development. We recommend going for this cert after attaining your OSCP and pursuing further pentesting experience.

Once you’ve reviewed the course material, completed the exercises in CTP, and practiced your skills in the lab, you’re ready to take the certification exam.

The OSCE exam has a 48-hour time limit and consists of a hands-on penetration test in our isolated VPN exam network. The network contains varying configurations and operating systems. Points are awarded for each compromised host, based on their difficulty and level of access obtained.

You must submit a comprehensive test report as part of the exam. It should contain in-depth notes and screenshots detailing your findings.

Real-world Benefits

A passing exam grade will declare you an Offensive Security Certified Expert (OSCE).

OSCEs have proven that they can craft their own exploits, execute attacks to compromise systems, and gain administrative access.

The intense 48-hour exam also demonstrates that OSCEs have an above-average degree of persistence, determination, and ability to perform under pressure.


Register at least 10 days prior to desired start date.


Establish connection to the virtual lab.


Progress through course materials and practice your skills.


Schedule certification exam within 120 days of course completion.


Successfully complete the 48-hour exam to earn your OSCE.

Course Details

Who is this course for?

This course is designed for:

  • Experienced penetration testers
  • Seasoned, hardcore security professionals


Course Overview & Syllabus

Like other Offensive Security courses, CTP combines traditional course materials teaching advanced penetration testing skills with hands-on, practice within a virtual lab environment. The course covers the following topics in detail. View the full syllabus.

  • Introduction
  • The Web Application Angle
  • Cross Site Scripting Attacks – Scenario #1
  • Real World Scenario
  • Directory traversal – Scenario #2
  • Real World Scenario
  • The Backdoor angle
  • Backdooring PE files under Windows Vista
  • Advanced Exploitation Techniques
  • MS07-017 – Dealing with Vista
  • Cracking the Egghunter
  • The 0Day angle
  • Windows TFTP Server – Case study #1
  • HP Openview NNM – Case study #2
  • The Networking Angle – Attacking the Infrastructure
  • Bypassing Cisco Access Lists using Spoofed SNMP Requests
  • GRE Route-Map Kung Fu
  • Sniffing Remote Traffic via GRE tunnel
  • Compromised Router Config
Course Prerequisites

Cracking the Perimeter is an advanced course and requires prior knowledge of Windows exploitation techniques. You should be comfortable in OllyDbg and understand concepts such as shellcode encoding, use of the Metasploit Framework, and Linux at large.

What competencies will you gain?
  • Debugging Windows binaries
  • Working through encoding issues and space restrictions while crafting exploits
  • Understanding PE structure to learn techniques that backdoor executables and bypass AV
  • Familiarity with more advanced protections like ASLR
  • Using creative and lateral thinking to achieve expanded view of standard vectors
  • Thinking outside the box to determine innovative ways of penetrating internal networks


Supporting your Online Journey
  • 3.5 hours of course video
  • 145-page course guide
  • Active student forums
  • Access to virtual lab environment

Course Reviews


Cracking the Perimeter OSCE

OSCE Review

Course Review: OSCE

NetSec OSCE Review

Choose a learning path


Courses and Certifications