PEN-200: Penetration Testing with Kali Linux

PEN-200: Penetration Testing with Kali Linux

The industry-leading Penetration Testing with Kali Linux (PWK/PEN-200) course introduces penetration testing methodology, tools, and techniques in a hands-on, self-paced environment. Access PEN-200’s first Learning Module for an overview of course structure, learning approach, and what the course covers.

Learners who complete the course and pass the exam after November 1, 2024 will earn the OffSec Certified Professional (OSCP & OSCP+) penetration testing certification which requires holders to successfully attack and penetrate various live machines in a safe lab environment. These certifications are considered to be more technical than other penetration testing certifications and is one of the few that requires evidence of practical pen testing skills. The OSCP is a lifetime certification and the OSCP+ expires after 3 years, representing learners’ commitment to continuing education in the complex cybersecurity space.

OSCP+ Certification Badge

Topics covered in the Penetration Testing Course (PEN-200)

  • Introduction to Cybersecurity

    Master the core concepts, technologies, and best practices that form the bedrock of cybersecurity, providing a solid foundation for your pen testing journey.

  • Report Writing for Penetration Testers

    Learn to craft clear, actionable reports that detail security vulnerabilities, and potential impact, and provide step-by-step remediation guidance to help clients strengthen their security.

  • Information Gathering

    Employ advanced ethical hacking techniques and tools like Nmap and Shodan to meticulously map target systems, uncover potential entry points, and discover exploitable vulnerabilities.

  • Vulnerability Scanning

    Utilize powerful tools like Nessus and OpenVAS to systematically identify known vulnerabilities in networks, applications, and systems, streamlining your penetration testing process.

  • Introduction to Web Applications

    Gain a deep understanding of how web applications function, their underlying technologies, and the architectural weaknesses that give rise to common attack vectors.

  • Common Web Application Attacks

    Explore the techniques behind prevalent web attacks like cross-site scripting (XSS), injection flaws, and session hijacking, and learn essential mitigation strategies.

  • SQL Injection Attacks

    Master the art of manipulating databases via SQL injections to extract sensitive information, compromise backend systems, and escalate your privileges.

  • Client-Side Attacks

    Discover how to exploit vulnerabilities in web browsers, browser extensions, and client-side technologies like JavaScript to compromise user systems and gain unauthorized access.

  • Locating Public Exploits

    Learn where to find reliable public exploits, how to assess their applicability, and how to integrate them responsibly into your security testing workflow.

  • Fixing Exploits

    Adapt and customize existing exploits, employ obfuscation techniques, and develop creative payloads to bypass defenses and successfully test target systems.

How to enroll today

Most
popular

Course + Certification Exam Bundle

Course + Cert
Exam Bundle

$1,649

One-time payment

More information

# of Courses

1

Days of lab access

90

# of Exam attempts included

1

Best
value

Learn One

Learn
One

$2,599/year

Billed annually*

More information

# of Courses

1

Days of lab access

365

# of Exam attempts included

2

Fundamental content

Unlimited

Fundamental learning paths and assessments

Included

PEN-103 & KLCP Exam

Included

PEN-210 & OWSP Exam

Included

All
access

Learn Unlimited

Learn
Unlimited

$5,799/year

Billed annually*

More information

Recommended # of learners

2-9

# of Exam attempts included

Unlimited

Subscription Term

Annual

OffSec Learning Library Access

All access

Labs for every course

Included

# of Courses

All

Days of lab access

365

Fundamental content

Unlimited

PEN-103 & KLCP Exam

Included

PEN-210 & OWSP Exam

Included

# of Courses

1

1

All

Days of lab access

90

365

365

# of Exam attempts included

1

2

Fundamental content

N/A

PEN-103 & KLCP Exam

N/A

Included

Included

PEN-210 & OWSP Exam

N/A

Included

Included

N/A

Included

Included

Financing is now available through Climb Credit with as little as 0% APR and up to 36 monthly payments, excluding Learn Unlimited. State exclusions may apply. Learn more.

Once started, 90 day lab access cannot be paused.

Buying for a team?

What our community is saying

Alex Caughey

Alex Caughey

Security Engineer

...I would 100% recommend this course to anyone seeking a broad and thorough technical understanding of many fundamental pentest concepts and practices, all delivered through a hands-on, well structured and complete lab environment.

Connor McGarr

Connor McGarr

Software Engineer III

...Things are just put in a way [in the PWK labs] where it forces you to think outside of the box. I think that is the biggest skill that a pentester can take away. You can Google something and get a gist of the technical aspects…but that creativity of ‘this is not working, now what’s my game plan’…that’s the mindset that is so valuable

Lee - @N3rdRag3PC

Lee - @N3rdRag3PC

Security QA Analyst

It's finally here! 🥺❤️

I want to give a huge shout-out to the folks over at @offsectraining for giving me the skills and training to have landed my dream job that I've had for 2 weeks now.

Forever grateful and will never forget to #tryharder ❤️

Supercharge your cybersecurity career with the OSCP+

Become an in-demand cybersecurity professional

  • Become an expert with hands-on training

    Transform your knowledge into real-world expertise by mastering the practical techniques and tools used by certified penetration testers.

  • Command a higher salary

    OSCP-certified security professionals are in high demand, empowering you to negotiate top-tier compensation for your specialized skillset.

  • Expand your skillset

    Develop proficiency in a vast array of security tools, methodologies, and attack vectors, making you an indispensable asset to any cybersecurity team.

  • Advance your career

    This broader knowledge base opens doors to a wide range of exciting cybersecurity roles, from certified ethical hacker to incident responder, threat hunter, or a software developer with a focus on building security.

  • Validate your expertise

    The OSCP penetration tester certification is globally recognized, serving as a powerful validation of your skill and dedication to cybersecurity excellence.

Open doors to exciting cybersecurity roles

  • Penetration Tester

    Proactively identify and exploit vulnerabilities in systems and networks to improve an organization’s security posture.

  • Cybersecurity Consultant

    Advise organizations on security strategies, implement security solutions, and help them mitigate cybersecurity risks.

  • Security Analyst

    Monitor networks for intrusions, analyze security events, and respond to cyber threats to protect an organization’s assets.

  • Network Security Engineer

    Design, implement, and maintain secure network infrastructures, including firewalls, intrusion detection systems, and VPNs.

  • Vulnerability Researcher

    Discover new vulnerabilities in software, hardware, and systems, developing exploits and reporting them responsibly for remediation.

Your exam toolkit

Comprehensive lab environment

Access a virtual lab to practice techniques and refine your skills in a safe, controlled setting.

Extensive course materials

Dive into detailed course content, videos, and interactive exercises covering all aspects of the exam.

Supportive community

Join a vibrant online community of OffSec students and professionals for help and collaboration.

OSCP+ prep book

FAQ

  • What is the OSCP+ certification?

    The OffSec Certified Professional (OSCP+ & OSCP) certification, are designed for cybersecurity professionals to validate practical, hands-on skills in ethical hacking and penetration testing. The OSCP+ certification is issued upon completion of the exam, anytime after November 1, 2024. Successful candidates demonstrate proficiency in identifying vulnerabilities, exploiting systems, escalating privileges, and documenting their findings in a real-world environment. The certification is relevant to roles such as penetration testers, security analysts, and consultants, confirming their ability to conduct comprehensive security assessments.

  • What's the difference between the OSCP & the OSCP+?

    Beginning November 1, 2024, when learners pass the updated exam, they will earn both the OSCP and OSCP+ certification. The OSCP+ designation will differ from the existing OSCP certification in only one way–it will expire three (3) years from issuance. During those three years learners will have the opportunity to maintain the “+” designation by completing one of three continuing education paths:

    1. Take and pass a recertification exam within 6 months of the + expiry date
    2. Take and pass another qualifying OffSec certification exam before your + expires.

    List of qualifying exams:

    • OSEP (OffSec Experienced Penetration Tester)
    • OSWA (OffSec Web Assessor)
    • OSED (OffSec Exploit Developer)
    • OSEE (OffSec Exploitation Expert)
    1. Successful completion of OffSec’s new CPE program, details of which will be announced in late 2024-early 2025

    OSCP+ not only reflects the holder’s expertise in cybersecurity but also signifies that they are up-to-date with the latest industry standards and practices. The “+” designation highlights a learner’s commitment to continuous learning and staying current in a field that is constantly evolving.

    Learners who choose not to maintain the + designation will still keep their OSCP certification.

    Please note: The OSCP certification has no expiration date and continues to be valid indefinitely.

  • What is the OSCP+ exam?

    The OffSec Certified Professional+ (OSCP+) exam is a rigorous, proctored, 24-hour practical assessment of your penetration testing skills. You’ll demonstrate your ability to identify, exploit, and report on vulnerabilities in live systems within a lab environment. Following the exam, you have an additional 24 hours to submit a comprehensive penetration testing report.

  • What format is the OSCP+ exam in?

    The OSCP+ exam is entirely hands-on. You will be given access to a lab environment and tasked with compromising live systems, demonstrating your practical penetration testing abilities.

  • Who is the PEN-200 course for?

    The PEN-200 course is ideal for security professionals seeking to enhance their ethical hacking skills and earn the industry-recognized OSCP pen testing certification. It’s designed for individuals who have a solid foundation in networking and basic familiarity with Linux and Windows systems.

  • What are the prerequisites for PEN-200?

    While there are no formal prerequisites, it’s strongly recommended that you have:

    • A solid foundation in TCP/IP networking
    • Basic scripting abilities (e.g., Bash, Python)
    • Familiarity with Linux and Windows operating systems

    Learners can also go through our Network Penetration Testing Essentials Learning Path to ensure they’re ready for the course, included in Learn Fundamentals and Learn One subscriptions.

  • What competencies will I gain?

    Upon completing PEN-200 and successfully passing the OSCP exam, you’ll have mastered core penetration testing methodologies, including:

    • Information gathering and vulnerability scanning
    • Exploit development and execution
    • Privilege escalation (Windows and Linux)
    • Web application attacks
    • Active Directory exploitation
  • How does OffSec support my online journey?

    Throughout the online training course, you’ll have access to:

    • A virtual lab environment for hands-on practice
    • Extensive course information and materials, including videos and exercises
    • A vibrant online community of students and OffSec professionals
  • What is the exam retake policy?

    If a learner needs more lab access time or needs to retake an exam, Exam Retakes & Lab Extensions can be purchased additionally through the OffSec Training Library.

    • OSCP Certification Exam Retake Fee: $249
    • PEN-200 lab access extension of 30 days: $359
  • What’s next after the OSCP+?

    The OSCP+ certification opens up a wide range of exciting possibilities within cybersecurity!  Here are a few paths to consider, depending on your interests:

    • Deepen your penetration testing expertise: Advance your skills with specialized courses in web application security (WEB-200/300) or take on the rigorous PEN-300: Advanced Evasion Techniques and Breaching Defenses (OSEP) course.
    • Develop exploit writing skills: Learn the intricate art of crafting your own exploits with courses focused on windows and macOS vulnerabilities (EXP-301/312).
    • Transition into defensive roles: Gain a strong foundation in security operations and incident response (SOC-200, Incident Responder Essentials Learning Path) to enhance your value as a well-rounded security professional.
    • Explore lateral movements: Design your ideal career path by strategically combining OffSec’s offerings. Pursue roles like secure software developer, cloud engineer, or threat hunter by supplementing your OSCP knowledge with adjacent specializations.

OffSec Penetration Testing Courses & Certifications

Advance your cybersecurity career with OffSec

Most
popular

Course & Cert <br /> Exam Bundle Course & Cert <br /> Exam Bundle

Course & Cert
Exam Bundle

$1,649/once

The bundle includes 90 days of access to a single course, the associated labs and a single exam attempt.

Best
value

Learn <br/>One Learn <br/>One

Learn
One

$2,599/year*

One year of lab access alongside a single course plus two exam attempts.

All
access

Learn <br/>Unlimited Learn <br/>Unlimited

Learn
Unlimited

$5,799/year

Unlimited OffSec Learning Library access plus unlimited exam attempts for one year.

Large teams

Learn <br/>Enterprise Learn <br/>Enterprise

Learn
Enterprise

Get a quote

Flexible terms and volume discounts available.

learn-one

Learn One is an annual subscription for individuals and organizations who want to enroll in a single course and ultimately earn an OffSec certification. Learn One includes one course of your choice, two cert exam attempts, hands-on lab access, and all Learn Fundamentals content.

What’s included

1 year of access to the course of your choice

2 exam attempts during your subscription

365 days of lab access

1 year of unlimited access to all fundamental content and OffSec curated Learning Paths

PEN-103 + 1 KLCP exam attempt

PEN-210 + 1 OSWP exam attempt

1 download of course material

Financing for Learn Fundamentals and Learn One now available through Climb Credit with as little as 0% APR and up to 36 monthly payments.

State exclusions may apply. Learn more.

Graduation cap icon colored in with a gradient fading from purple to teal

New to cybersecurity want to get educated on fundamental content before signing up?

Check out Cyberversity - our free resource library covering essential cybersecurity topics.

Learn more