The most intense penetration testing course available in the security industry.
Penetration Testing with Kali (PWK) is a self-paced online penetration testing course designed for network administrators and security professionals who want to take a serious and meaningful step into the world of professional penetration testing. This unique penetration testing training course introduces students to the latest ethical hacking tools and techniques, including remote, virtual penetration testing labs for practicing the course materials. Penetration Testing with Kali Linux simulates a full penetration test from start to finish, by injecting the student into a target-rich, diverse, and vulnerable network environment.
Penetration Testing with Kali Linux is a foundational course, but still requires students to have certain knowledge prior to attending the online class. A solid understanding of TCP/IP, networking, and reasonable Linux skills are required. Familiarity with Bash scripting along with basic Perl or Python is considered a plus. This advanced penetration testing course is not for the faint of heart; it requires practice, testing, and the ability to want to learn in a manner that will grow your career in the information security field and overcome any learning plateau. Offensive Security challenges you to rise above the rest, dive into the fine arts of advanced penetration testing, and to Try Harder™.
We begin a new PWK course every Sunday with seats filling up rapidly, so we recommend that students begin their registration at least 10 days prior to their desired start date. The VPN lab access begins on your course start date and is a continuous block of time.
The online penetration testing labs are accessed via a VPN connection, so all students must have a high-speed Internet connection. In order to ensure a quality lab experience, you will be required to conduct a VPN connectivity test prior to making payment.
On your assigned course start date, you’ll be provided access to download all your course materials, including the 8-hour Offensive Security PWK course video series in HTML/Flash format and the 350-page PWK lab guide. You will also receive instructions on how to connect to our virtual penetration testing labs.
When your course begins, you are provided with VPN access to our vast penetration testing labs and are given access to a dedicated Windows virtual machine. You will use this access to complete various exercises and practice concepts from the PWK course.
As you progress through the PWK course materials, you will practice the tools and techniques directly on various targets within our online labs. You will then make use of your new-found skills and techniques to help you conduct a penetration test of the entire lab environment.
Successfully exploiting all of the lab systems requires a great deal of research, tenacity, and the willingness to Try Harder. However, you are not on your own; our student administrators are readily available to provide you with live support and the occasional nudge to help push you in the right direction when you’re out of options.
The Offensive Security Certified Professional (OSCP) is the companion certification for Penetration Testing with Kali Linux. The OSCP exam challenges you to prove you have a clear practical understanding of the penetration testing process and lifecycle.
Once you have completed the course and practiced your skills in our labs, you’re ready to take on the arduous 24-hour OSCP penetration testing certification exam – a real-world, hands-on penetration test that takes place in our isolated VPN exam network.
You will have 90 days from the end of your lab time to schedule and take this most unique and challenging of ethical hacking certification exams. The OSCP is very challenging and not for the faint-of-heart. However, earning it is incredibly rewarding and proves to yourself and others that you have proven practical penetration testing skills.
The following graphic is a simplified diagram of the PWK labs. You will initially connect via VPN into the Student Network and hack your way into additional networks as the course progresses. Once you have completed the course videos, you will have the basic skills required to penetrate most of the vulnerable computers in our lab. Certain machines will require additional research and a great deal of determination in order to compromise them.
Please note that all the machines in your lab range are vulnerable to some type of attack/exploit. There are also several vulnerable machines within this range that act as routers, which lead to additional vulnerable networks. As you progress through the labs, you will discover various hints to machines throughout the lab environment. These hints will show the different relationships present between the machines that will help with specific attack vectors.
The lab network contains a large number of machines which range in difficulty. One of the most important skills you will need to learn as a penetration tester is to scan a number of machines and try to find the lowest hanging fruit. The IP addresses of the systems in the lab are not in any specific sequence and you should not start at the lowest target IP address and work your way through the in numerical order. You may not be able to fully compromise a particular network without first moving into another.
The IT, Dev, and Admin networks are not directly routable from the Public network but the Public network is routable from all other networks. You will need to use various techniques to gain access to the other networks. Some of these include making use of dual-homed machines or client-side exploits.
The PWK labs contain a number of simulated clients that can be exploited using client side attacks. These clients will do things that any typical human would do in a corporate setting. There are hints and information throughout the lab that will lead you to finding the simulated clients. Doing thorough post-exploitation information gathering may provide indications that target machines are communicating with one another.
The proof.txt files located on machines throughout the network are provided as a way to prove you have gained access to a particular machine and should be included in your lab report. These files should be seen only as “trophies” and not the end goal to reach. You should still aim to get a shell on the box with the highest level of privileges you possibly can.
It is highly recommended that you download and use the PWK VMware Virtual Machine image via a link that is provided in your welcome email. This image has a few different modifications compared to the standard ones listed on kali.org. The PWK VMware image is a custom build of Kali Linux and the course has been fully tested around it. Please note that if you choose not to use the PWK image, you may have issues completing the course material (e.g. Linux Buffer Overflow).
It is also not necessary to update the virtual machine in order to complete the course exercises; however, you are free to do so if you wish. Bear in mind that updating software may introduce new bugs or issues (especially if you have opted to use the “bleeding edge” repo). If you choose to update the VM, we strongly suggest that you create a snapshot of it before upgrading.
You will be provided with a Windows 7 client machine that has multiple uses while you are in the labs. Some example uses are for the buffer overflow exercises, testing payloads, or compiling Windows exploits.
To deal with the volume of information gathered during a penetration test, we suggest using KeepNote, a multipurpose note-taking application, to initially document all your findings. Using an application like KeepNote helps both in organizing the data digitally as well as mentally. When the penetration test is over, the interim documentation will be used to compile the full report. It doesn’t really matter which program you use for your interim documentation as long as the output is clear and easy to read.
Get used to documenting your work and findings — it’s the only professional way to get the job done!
During this course, you will be required to log your findings in the Offensive Security labs and exam. Once you complete the course lab guide and videos, you will be conducting a full-fledged penetration test inside our VPN lab for the THINC.local domain. The report should include, at minimum, the results of all course exercises added as an appendix, an executive summary, and a detailed rundown of all machines. A template for the penetration test report will be provided in both MS Word and Open Office formats. The penetration test report is what you would be presenting to a customer and the content that you decide to put inside your report is ultimately up to you as long as your report is clean and professional.
Learn Penetration Testing online with Kali Linux – the advanced Penetration Testing Training course by Offensive Security which leads towards the OSCP, marking you as an Offensive Security Certified Penetration Tester, with proven hands-on experience in the field.
To get a more in-depth indication of the course content and objectives of this Advanced Penetration Testing Training, please review the Course Syllabus.
This course may qualify you for 40 (ISC)² CPE Credits after you submit your documentation at the end of the course or pass the certification challenge.
|Item||Price in USD|
|Penetration Testing with Kali + 30 days Lab access + Certification||USD 800.00|
|Penetration Testing with Kali + 60 days Lab access + Certification||USD 1000.00|
|Penetration Testing with Kali + 90 days Lab access + Certification||USD 1,150.00|
|PWK Lab access – extension of 90 days||USD 600.00|
|PWK Lab access – extension of 60 days||USD 450.00|
|PWK Lab access – extension of 30 days||USD 250.00|
|PWK Lab access – extension of 15 days||USD 150.00|
|Upgrade from PWB v.3.0 to PWK||USD 200.00|
|Upgrade from PWB v.2.0 to PWK||USD 300.00|
|Upgrade from PWB v.1.0 to PWK||USD 400.00|
|OSCP – Certification retake||USD 60.00|
This was the most fun and challenging course I’ve ever taken. It’s also the most satisfying because although the course material is excellent, much of what you accomplish is due to your own hard work and commitment to Try Harder! I learned a lot and I can’t recommend it enough for anyone that wants to wants to hone their pen-testing skills – Read OSCP ReviewMike CzumakOSCP