Course Overview

Penetration Testing with Kali Linux is the foundational course at Offensive Security. Those new to OffSec or penetration testing should start here.

This online ethical hacking course is self-paced. It introduces penetration testing tools and techniques via hands-on experience. PWK trains not only the skills, but also the mindset required to be a successful penetration tester.

What’s new in PWK for 2020?


  • Modules
    • Active Directory Attacks
    • PowerShell Empire
    • Introduction to Buffer Overflows
    • Bash Scripting
  • Labs: 3 dedicated student virtual machines (Windows 10 client, Active Directory domain controller, Debian client), more shared lab machines
  • New target network to facilitate a hands-on walkthrough demonstrating a complete penetration testing exercise
  • Extra mile exercises


  • All existing modules were updated, most notably:
    • Passive Information Gathering
    • Win32 Buffer Overflows
    • Privilege Escalation
    • Client-Side Attacks
    • Web Application Attacks
    • Port Redirection and Tunneling
    • The Metasploit Framework
  • Updates to existing machines’ OS and attack vectors

To learn more about the updated modules and get answers to some frequently asked questions, see the announcement blog post.

Students who complete the course and pass the exam earn the coveted Offensive Security Certified Professional (OSCP) certification.


Course includes a 24-hour exam.


Learn ethical hacking tools and techniques.


Gain access to a virtual penetration testing lab.

Offensive Security Certified Professional (OSCP)

Earn your OSCP certification.

Certification Process

Once you’ve completed PWK and practiced your skills in the labs, you’re ready to take the certification exam. OSCP is a foundational penetration testing certification, intended for those seeking a step up in their skills and career.

The OSCP exam has a 24-hour time limit and consists of a hands-on penetration test in our isolated VPN network. You’ll receive the exam and connectivity instructions for an isolated network for which you have no prior knowledge or exposure. Points are awarded for each compromised host, based on their difficulty and level of access obtained.

You must submit a comprehensive penetration test report as part of your exam. Reports should contain in-depth notes and screenshots detailing your findings. This exam is proctored.

Real-world Benefits

A passing exam grade will declare you an Offensive Security Certified Professional (OSCP). The OSCP certification is well-known, respected, and required for many top cybersecurity positions.

Certified OSCPs are able to identify existing vulnerabilities and execute organized attacks in a controlled and focused manner. They can leverage or modify existing exploit code to their advantage, perform network pivoting and data exfiltration, and compromise systems due to poor configurations.

Completing the 24-hour exam demonstrates persistence and determination. An OSCP has also shown they can think outside the box while managing both time and resources.


Register at least 10 days prior to desired start date.


Establish connection to the virtual lab.


Progress through course materials and practice your skills.


Schedule certification exam within 120 days of course completion.

Offensive Security Certified Professional (OSCP)

Successfully complete 24-hour exam and earn your OSCP.

Course Details

Who is this course for?

This course is designed for information security professionals who want to take a serious and meaningful step into the world of professional penetration testing. This includes:

  • Pentesters seeking an industry-leading certification
  • Security professionals
  • Network administrators
  • Other technology professionals


Course Syllabus

PWK is a unique course that combines traditional course materials with hands-on simulations, using a virtual lab environment. The course covers the following topics. View the full syllabus.

  • Penetration Testing: What You Should Know
  • Getting Comfortable with Kali Linux
  • Command Line Fun
  • Practical Tools
  • Bash Scripting
  • Passive Information Gathering
  • Active Information Gathering
  • Vulnerability Scanning
  • Web Application Attacks
  • Introduction to Buffer Overflows
  • Windows Buffer Overflows
  • Linux Buffer Overflows
  • Client-Side Attacks
  • Locating Public Exploits
  • Fixing Exploits
  • File Transfers
  • Antivirus Evasion
  • Privilege Escalation
  • Password Attacks
  • Port Redirection and Tunneling
  • Active Directory Attacks
  • The Metasploit Framework
  • PowerShell Empire
  • Assembling the Pieces: Penetration Test Breakdown
  • Trying Harder: The Labs
Course Prerequisites

All students are required to have:

  • Solid understanding of TCP/IP networking
  • Reasonable Windows and Linux administration experience
  • Familiarity of Bash scripting with basic Python or Perl a plus


What competencies will you gain?
  • Using information gathering techniques to identify and enumerate targets running various operating systems and services
  • Writing basic scripts and tools to aid in the penetration testing process
  • Analyzing, correcting, modifying, cross-compiling, and porting public exploit code
  • Conducting remote, local privilege escalation, and client-side attacks
  • Identifying and exploiting XSS, SQL injection, and file inclusion vulnerabilities in web applications
  • Leveraging tunneling techniques to pivot between networks
  • Creative problem solving and lateral thinking skills


Supporting your Online Journey
  • 17+ hours of video
  • 850-page PDF course guide
  • Over 70 machines
  • Active student forums
  • Access to virtual lab environment


Course Reviews


My Philosophical Approach to OSCP

OSCP Review

How I became an Offensive Security Certified Professional

Course Pricing

All prices in US dollars.

Live Classes

QA – JUNE 7 TO 11 2021

Location: London, England, UK

Sign Up

QA – NOVEMBER 8 TO 12 2021

Location: London, England, UK

Sign Up

Are You Ready?

Register for PWK