| Feature | OSCP (Black-box) | OSWE (White-box) | | :--- | :--- | :--- | | | No source code | Full source code provided | | Methodology | Enumeration -> Fuzzing -> Exploit | Static Analysis -> Logic Tracing -> Chaining | | Key Skill | Recon & Privilege Escalation | Code review & Scripting | | Difficulty | Hard | Expert | | Focus | Network & Basic Web | Advanced Web Logic & RCE |
The course package includes a , over 10 hours of video content, and a private lab environment. According to the official WEB-300 syllabus , the material is divided into several modules focused on specific languages and attack vectors: offensive security web expert -oswe- pdf