I. Overview:

The industry-leading Penetration Testing with Kali Linux (PWK/PEN-200) course introduces penetration testing methodologies, tools and techniques via hands-on experience. Learners who complete the course and pass the exam will earn the OffSec Certified Professional (OSCP) certification which requires holders to successfully attack and penetrate various live machines in a safe lab environment. The OSCP is considered to be more technical than other ethical hacking certifications and is one of the few that requires evidence of practical penetration testing skills.

II. Duration:  

05 days (40 hours)

III. Objectives:

• Learn how to become a penetration tester by using information-gathering techniques to identify and enumerate targets running various operating systems and services
• Writing basic scripts and tools to aid in the penetration testing process
• Analyzing, correcting, modifying, cross-compiling, and porting public exploit code
• Conducting remote, local privilege escalation, and client-side attacks
• Identifying and exploiting XSS, SQL injection, and file inclusion vulnerabilities in web applications
• Leveraging tunneling techniques to pivot between networks
• Creative problem-solving and lateral thinking skills

IV. Intended Audience:

• Infosec professionals transitioning into penetration testing
• Pentesters seeking one of the best pentesting certifications
• Those interested in pursuing a penetration tester career path
• Security professionals
• Network administrators
• Other technology professionals

V. Prerequisites:

All learners are required to have:

• Solid understanding of TCP/IP networking
• Reasonable Windows and Linux administration experience
• Familiarity with basic Bash and/or Python scripting

VI. Course outlines:

PEN-200 is a unique course that combines traditional course materials with hands-on simulations, using a virtual lab environment. The course covers the following topics.

1. Penetration Testing with Kali Linux: General Course Introduction
2. Introduction to Cybersecurity
3. Effective Learning Strategies
4. Report Writing for Penetration Testers
5. Information Gathering
6. Vulnerability Scanning
7. Introduction to Web Applications
8. Common Web Application Attacks
9. SQL Injection Attacks
10. Client-Side Attacks
11. Locating Public Exploits
12. Fixing Exploits
13. Antivirus Evasion
14. Password Attacks
15. Windows Privilege Escalation
16. Linux Privilege Escalation
17. Advanced Tunneling
18. The Metasploit Framework
19. Active Directory Introduction and Enumeration
20. Attacking Active Directory Authentication
21. Lateral Movement in Active Directory
22. Assembling the Pieces
23. Trying Harder: The Labs