PEN-200: Penetration Testing with Kali Linux

The Penetration Testing with Kali Linux (PEN-200) course is OffSec’s essential training program for aspiring penetration testers. The course teaches learners how to identify and exploit real-world vulnerabilities across computers, network security, web applications, and basic cloud environments. Emphasizing hands-on, practical learning, PEN-200 provides the core technical skills and mindset required to simulate offensive information security operations—and defend against them. It’s a critical resource for those pursuing roles such as security analyst, security specialist, or certified ethical hacker.

PEN-200 covers a wide range of topics and attack techniques, including:

• Providing an introduction to cybersecurity and an effective learning strategy to help you get started
• Performing enumeration and information gathering, including vulnerability scanning
• Understanding encryption and cryptography
• Utilizing perimeter attacks in web security and client-side attacks, where we go into depth in the commonly seen vulnerabilities such as XSS, Command Injection, Directory Traversal, File Uploads, and SQL Injection. We also cover password attacks and touch on Anti-Virus Evasion
• Performing Windows and Linux privilege escalation and lateral movements, including pivoting and tunneling techniques
• Using Active Directory, attacking Active Directory authentication, and lateral movement in Active Directory
• Enumerating and attacking AWS cloud infrastructure
• Learning how to use commonly used tools and commands in penetration testing, such as Nmap, Metasploit, Burp Suite, Hydra, Nessus, sqlmap, and Shellter

PEN-200 is organized into 20+ modules. Most modules have companion videos for the visually inclined learners. Most modules have hands-on labs to help learners practice the concept and theory taught in that module. After mastering each of the techniques and skills taught in all modules, learners can move on to the 9 challenge labs to practice a combination of skills in one lab, mimicking the real-world penetration test engagement. To help learners get ready for their OSCP+ exam, three challenge labs are designed to closely replicate the OSCP+ exam environment.

PEN-200 is suitable for those wishing to embark on a professional pen testing career, or wanting to learn skills possessed by pen testers. Before taking this course, we do suggest having hands-on practical knowledge of Linux and Windows administration, networking, and network scripting.

The PEN-200 course is ideal for:

• Infosec professionals transitioning into penetration testing
• Pen testers seeking an industry-recognized pentesting certification
• Those interested in a penetration testing career path
• Security professionals
• Network administrators
• Other technology professionals

While there are no formal prerequisites, it is strongly recommended that you have:

• A solid understanding of TCP/IP networking
• Reasonable Windows and Linux administration experience
• Familiarity with basic Bash and/or Python scripting

Up to 40 (ISC)² CPE credits.