OffSec Certified Professional (OSCP+)

Becoming OSCP+ certified - 24-hour proctored: All certification exams are proctored by an OffSec employee in a private VPN - Hands-on labs: Identify, exploit, and report real-world vulnerabilities in live lab systems - 3 standalone machines: 60% of the exam will be graded on initial access and privilege escalation - 1 Active Directory set: 40% of the exam will be simulating a breach scenario across 3 machines Train to become OSCP+ certified PEN-200: Penetration Testing with Kali Linux The Penetration Testing with Kali Linux (PEN-200) course is OffSec’s essential training program for aspiring penetration testers. The course teaches learners how to identify and exploit real-world vulnerabilities across computers, network security, web applications, and basic cloud environments. Emphasizing hands-on, practical learning, PEN-200 provides the core technical skills and mindset required to simulate offensive information security operations—and defend against them. It’s a critical resource for those pursuing roles such as penetration tester, security analyst, security specialist, or certified ethical hacker. PEN-200 covers a wide range of topics and attack techniques, including: - Providing an introduction to cybersecurity and an effective learning strategy to help you get started - Performing enumeration and information gathering, including vulnerability scanning and vulnerability assessment - Understanding encryption and cryptography - Utilizing perimeter attacks in web and application security as well as client-side attacks, where we go into depth in the commonly seen vulnerabilities such as XSS, Command Injection, Directory Traversal, File Uploads, and SQL Injection. We also cover password attacks and touch on Anti-Virus Evasion - Performing Windows and Linux privilege escalation and lateral movements, including pivoting and tunneling techniques - Using Active Directory, attacking Active Directory authentication, and lateral movement in Active Directory - Enumerating and attacking AWS cloud infrastructure - Learning how to use commonly used tools and commands in penetration testing, such as Nmap, Metasploit, Burp Suite, Hydra, Nessus, sqlmap, and Shellter PEN-200 is organized into 20+ modules. Most modules have companion videos for the visually inclined learners. Most modules have hands-on labs to help learners practice the concept and theory taught in that module. After mastering each of the techniques and skills taught in all modules, learners can move on to the 9 challenge labs to practice a combination of skills in one lab, mimicking the real-world penetration test engagement. To help learners get ready for their OSCP+ certification exam, three challenge labs are designed to closely replicate the OSCP+ exam environment. PEN-200 is suitable for those wishing to embark on a professional pen testing career, or wanting to learn ethical hacking skills possessed by pen testers. Before taking this course, we do suggest having hands-on practical knowledge of Linux and Windows administration, networking, and network scripting.