PEN-200: Penetration Testing with Kali Linux (OSCP+)

  • Gain expertise in penetration testing topics, including XSS, SQL Injection, privilege escalation, Active Directory and AWS exploitation
  • Be professionally recognized for life as an OffSec Certified Professional (OSCP) and gain your 3-year OSCP+
Google 4.3/5 Average Rating
840+ Learners
Industry Recognized
Certification Body Offensive Security
Delivery Profice
Lowest price guaranteed
Self Paced Learning - 90 Days Access
€1950
Excl. VAT
Self Paced Learning - 365 Days Access
€3000
Excl. VAT
  • Exam voucher
  • Hands-on labs
  • Certificate
  • Lifetime support
  • Official courseware

Flexible payment — invoice, card or PayPal

About This Course

The Penetration Testing with Kali Linux (PEN-200) course is OffSec’s essential training program for aspiring penetration testers. The course teaches learners how to identify and exploit real-world vulnerabilities across computers, network security, web applications, and basic cloud environments. Emphasizing hands-on, practical learning, PEN-200 provides the core technical skills and mindset required to simulate offensive information security operations—and defend against them. It’s a critical resource for those pursuing roles such as security analyst, security specialist, or certified ethical hacker.

 

PEN-200 covers a wide range of topics and attack techniques, including:

  • Providing an introduction to cybersecurity and an effective learning strategy to help you get started
  • Performing enumeration and information gathering, including vulnerability scanning
  • Understanding encryption and cryptography
  • Utilizing perimeter attacks in web security and client-side attacks, where we go into depth in the commonly seen vulnerabilities such as XSS, Command Injection, Directory Traversal, File Uploads, and SQL Injection. We also cover password attacks and touch on Anti-Virus Evasion
  • Performing Windows and Linux privilege escalation and lateral movements, including pivoting and tunneling techniques
  • Using Active Directory, attacking Active Directory authentication, and lateral movement in Active Directory
  • Enumerating and attacking AWS cloud infrastructure
  • Learning how to use commonly used tools and commands in penetration testing, such as Nmap, Metasploit, Burp Suite, Hydra, Nessus, sqlmap, and Shellter

PEN-200 is organized into 20+ modules. Most modules have companion videos for the visually inclined learners. Most modules have hands-on labs to help learners practice the concept and theory taught in that module. After mastering each of the techniques and skills taught in all modules, learners can move on to the 9 challenge labs to practice a combination of skills in one lab, mimicking the real-world penetration test engagement. To help learners get ready for their OSCP+ exam, three challenge labs are designed to closely replicate the OSCP+ exam environment.

 

PEN-200 is suitable for those wishing to embark on a professional pen testing career, or wanting to learn skills possessed by pen testers. Before taking this course, we do suggest having hands-on practical knowledge of Linux and Windows administration, networking, and network scripting.

Course Information

Course Code OSCP+
Duration Self Paced
Delivery Self Paced
Exam Voucher Included
Certification Body Offensive Security
Certification OSCP+

What You Will Learn

Master information gathering and enumeration techniques Conduct vulnerability scanning with Nessus and Nmap
Perform web application and client-side attacks
Execute Windows and Linux privilege escalation techniques
Implement port redirection and SSH tunneling
Analyze and attack Active Directory environments
Utilize public exploit resources and adapt them for specific scenarios
Evade antivirus detection
Generate and debug shellcode for penetration testing
Write detailed and effective penetration testing reports

Course Curriculum

Master the core concepts, technologies, and best practices that form the bedrock of information security, providing a solid foundation for your pen testing journey

Craft clear, actionable reports to detail security vulnerabilities, their potential impact, and step-by-step remediation guidance
Use advanced ethical hacking techniques and tools like Nmap and Shodan to map target systems and discover exploitable vulnerabilities
Use tools like Nessus and OpenVAS to identify known vulnerabilities in networks, applications, and systems to streamline your penetration testing process

Learn how web applications function, what their underlying technologies are, and the architectural weaknesses that create common web security attack vectors

Explore the techniques behind common web attacks, injection flaws, session hijacking, and the essential strategies to stop them

Master the art of manipulating databases through SQL injections to extract sensitive information, compromise backend systems, and escalate your privileges

Exploit vulnerabilities in web browsers, browser extensions, and client-side technologies to compromise user systems and gain access

Find reliable public exploits, assess their significance, and responsibly integrate them into your security testing workflow
Adapt and customise existing exploits, employ obfuscation techniques, and develop creative payloads to bypass defenses and successfully test target systems
Develop strategies and techniques to disguise exploits, obfuscate payloads, and evade detection by antivirus solutions to simulate real-world attacker behavior
Uncover weak authentication practices using password cracking techniques like brute-force, dictionary attacks, and rainbow table methods to improve password security

Identify and exploit misconfigurations and vulnerabilities in Windows systems to gain admin-level access and more control within a network security framework

Escalate your privileges and gain root-level access to fully compromised servers and critical infrastructure on Linux systems
Establish covert channels, pivot through networks, evade detection, and maintain persistence during penetration tests with sophisticated tunneling protocols and techniques
Use Metasploit’s broad capabilities for exploit development, payload generations, and post-exploitation activities to streamline your penetration testing tasks

Introduction and Enumeration Understand the structure of Active Directory, learn to enumerate users, groups, trusts, and sensitive configurations using tools like BloodHound and PowerView to identify attack paths

Exploit weaknesses in Active Directory authentication mechanisms (Kerberos, NTLM, etc) to compromise credentials and gain unauthorized access

Move laterally in Active Directory environments, expand your control, and achieve your penetration testing objectives with post-exploitation techniques and tools

Get the Full Syllabus as a PDF

Curriculum, exam format & everything included — sent straight to your inbox.

All You Need to Know

Who Should Attend

The PEN-200 course is ideal for:

  • Infosec professionals transitioning into penetration testing
  • Pen testers seeking an industry-recognized pentesting certification
  • Those interested in a penetration testing career path
  • Security professionals
  • Network administrators
  • Other technology professionals
Prerequisites

While there are no formal prerequisites, it is strongly recommended that you have:

  • A solid understanding of TCP/IP networking
  • Reasonable Windows and Linux administration experience
  • Familiarity with basic Bash and/or Python scripting

Premium training, now at the lowest price.

Self Paced Learning - 90 Days Access €1950 excl. VAT
Self Paced Learning - 365 Days Access €3000 excl. VAT
4.3/5 Official Offensive Security partner Exam included 840+ alumni
Lowest price guaranteed Ready to enrol?

No payment now — reserve your seat and we'll send the invoice.

Under a minute · invoice, card or PayPal
How it works: 1 Submit your details 2 Receive your invoice 3 Pay & get access