PEN:200 PENETRATION TESTING WITH KALI LINUX
Explore the OffSec PEN-200: Penetration Testing with Kali Linux (PWK)
The industry’s leading penetration testing course, preparing you for the world-renowned OSCP certification.
Key Features & Benefits
70+ hands-on labs simulating real-world networks and attack scenarios
Comprehensive coverage of penetration testing tools and techniques
Built on Kali Linux, the industry-standard ethical hacking platform
Prepares you for the OSCP certification, a globally respected credential
Develop practical, job-ready red teaming and offensive security skills
Learn to think and act like an attacker to strengthen defense strategies
Trusted by top companies, governments, and cybersecurity teams worldwide
A career game-changer — OSCP-certified professionals are highly sought after
Course outline
Module 01
Introduction to cybersecurity
Introduction to cybersecurity
Master the core concepts, technologies, and best practices that form the bedrock of cybersecurity, providing a solid foundation for your pen testing journey
Module 02
Report writing for penetration testers
Report writing for penetration testers
Craft clear, actionable reports to detail security vulnerabilities, their potential impact, and step-by-step remediation guidance
Module 03
Information gathering
Information gathering
Use advanced ethical hacking techniques and tools like Nmap and Shodan to map target systems and discover exploitable vulnerabilities
Module 04
Vulnerability scanning
Vulnerability scanning
Use tools like Nessus and OpenVAS to identify known vulnerabilities in networks, applications, and systems to streamline your penetration testing process
Module 05
Introduction to web applications
Introduction to web applications
Learn how web applications function, what their underlying technologies are, and the architectural weaknesses that create common attack vectors
Module 06
Common web application attacks
Common web application attacks
Explore the techniques behind common web attacks, injection flaws, session hijacking, and the essential strategies to stop them
Module 07
SQL injection attacks
SQL injection attacks
Master the art of manipulating databases through SQL injections to extract sensitive information, compromise backend systems, and escalate your privileges
Module 08
Client side attacks
Client side attacks
Exploit vulnerabilities in web browsers, browser extensions, and client-side technologies to compromise user systems and gain access
Module 09
Locating public exploits
Locating public exploits
Find reliable public exploits, assess their significance, and responsibly integrate them into your security testing workflow
Module 10
Fixing exploits
Fixing exploits
Adapt and customize existing exploits, employ obfuscation techniques, and develop creative payloads to bypass defenses and successfully test target systems
Module 11
Antivirus evasion
Antivirus evasion
Develop strategies and techniques to disguise exploits, obfuscate payloads, and evade detection by antivirus solutions to simulate real-world attacker behavior
Module 12
Password attacks
Password attacks
Uncover weak authentication practices using password cracking techniques like brute-force, dictionary attacks, and rainbow table methods to improve password security
Module 13
Windows privilege escalation
Windows privilege escalation
Identify and exploit misconfigurations and vulnerabilities in Windows systems to gain admin-level access and more control within a network
Module 14
Linux privilege escalation
Linux privilege escalation
Escalate your privileges and gain root-level access to fully compromised servers and critical infrastructure on Linux systems
Module 15
Advanced tunneling
Advanced tunneling
Establish covert channels, pivot through networks, evade detection, and maintain persistence during penetration tests with sophisticated tunneling protocols and techniques
Module 16
The metasploit framework
The metasploit framework
Use Metasploit s broad capabilities for exploit development, payload generations, and post-exploitation activities to streamline your penetration testing tasks
Module 17
Active directory: introduction and enumeration
Active directory: introduction and enumeration
Understand the structure of Active Directory, learn to enumerate users, groups, trusts, and sensitive configurations using tools like BloodHound and PowerView to identify attack paths
Module 18
Attacking active directory authentication
Attacking active directory authentication
Exploit weaknesses in Active Directory authentication mechanisms (Kerberos, NTLM, etc) to compromise credentials and gain unauthorized access
Module 19
Lateral movement in active directory
Lateral movement in active directory
Move laterally in Active Directory environments, expand your control, and achieve your penetration testing objectives with post-exploitation techniques and tools
Our partners & vendors
Ready to grow your cybersecurity team?
Training prerequisites
Core knowledge
Understanding of computer networking concepts, including: IP addressing and subnetting, routing and switching, TCP/IP stack and network protocols (e.g., DNS, HTTP, ARP, ICMP). Familiarity with common network services and how they operate.
Technical skills
Comfortable using Linux systems, including: Command-line navigation and scripting basics, file systems, permissions, and process management, installing and managing software packages
Familiarity with Windows environments and basic administration tasks. Ability to use common network and troubleshooting tools, such as: ping, traceroute, netstat, nmap, curl, nslookup, and telnet.
Recommended experience
1–2 years of experience in IT, networking, or system administration.
Completion of an entry-level security course like SEC-100: Cybersecurity Essentials or equivalent self-study.
Training & register details
TRAINING OVERVIEW
PEN-200: Penetration Testing with Kali Linux
Empower your team with advanced penetration testing expertise through the industry-leading OSCP certification.
Duration: 321h of content
Format: Online
Level: Intermediate
Language: English
Exam: online
HOW TO REGISTER
1. Submit your application
Fill out a quick application to show your interest in the OSCP training program.
2. Intro call
We’ll schedule a brief call to discuss your background, skills, and career goals.
3. Confirm your spot
Once accepted, complete your enrollment and receive all necessary course details and prep materials.
4. Start learning
Get access to the PEN-200 learning platform, explore labs, and start building your penetration testing skills.
5. Join the community
Connect with peers and mentors through exclusive chats, events, and networking opportunities.
Who is OSCP for?
Aspiring penetration testers & professionals
Kickstart your career in offensive security with hands-on, real-world hacking experience. Advance your skills and gain the OSCP certification.
Teams & enterprises
Equip your security teams to think and act like attackers, strengthening organizational defenses.
Government & Defense
Trusted by government agencies and defense sectors to develop experts in advanced cyber warfare tactics.
Educators
Enhance your training programs with practical, lab-driven penetration testing content from OffSec.
FAQ
What is the OSCP certification?
The OffSec Certified Professional (OSCP) is one of the world’s most respected penetration testing certifications. It demonstrates your ability to identify, exploit, and report vulnerabilities in real-world systems using advanced ethical hacking techniques.
How is the OSCP exam structured?
The OSCP exam is a 24-hour hands-on test where you must hack into a series of systems and complete a comprehensive penetration test report. It mirrors real-world attack scenarios and requires strategic planning, persistence, and technical skill.
Why is OSCP so highly respected?
OSCP certification is renowned because it’s 100% practical — there are no multiple-choice questions. It proves you can perform real-world penetration testing tasks, not just understand theory.