Penetration Testing Courses

SEC402: Cybersecurity Writing: Hack the Reader

Want to write better? Learn to hack the reader! Discover how to find an opening, break down your readers' defenses, and capture their attention to deliver your message--even if they're too busy or indifferent to others' writing. This unique course, built exclusively for cybersecurity professionals, will strengthen your writing skills and boost your security career.

SEC460: Enterprise Threat and Vulnerability Assessment

SEC460 will help build your technical vulnerability assessment skills and techniques using time-tested, practical approaches to ensure true value across the enterprise. In this course, you will use real industry-standard security tools for vulnerability assessment, management, and mitigation; learn a holistic vulnerability assessment methodology while focusing on challenges faced in a large enterprise; and practice on a full-scale enterprise range chock full of target machines representative of an enterprise environment, leveraging production-ready tools and a proven testing methodology. SEC460 takes you beyond the checklist and gives you a tour of attackers' perspectives that is crucial to discovering where they will strike.

"SEC460 has provided me the knowledge to build a great Vulnerability Management/Vulnerability Assessment Program that vendor courses couldn't provide."
- Eric Osmus, ConocoPhillips Company

SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling

"The training offered at SANS is the best in the industry, and the SEC504 course is a must for any IT security professional - highly recommended."
- Michael Hoffman, Shell Oil Products US

SEC542: Web App Penetration Testing and Ethical Hacking

In SEC542, you will practice the art of exploiting web applications to find flaws in your enterprise's web apps. You'll learn about the attacker's tools and methods in order to be a more powerful defender. Through detailed, hands-on exercises and with guidance from the instructor, you will learn the four-step process for web application penetration testing; inject SQL into back-end databases to learn how attackers exfiltrate sensitive data; and utilize cross-site scripting attacks to dominate a target infrastructure. You will also explore various other web app vulnerabilities in-depth using proven techniques and a structured testing regimen.

"SEC542 shows a hands-on way of doing web app penetration testing--not just how to use this tool, or that tool."
- Christopher J. Stover, Infogressive Inc.

SEC550: Active Defense, Offensive Countermeasures and Cyber Deception

In SEC550, you will learn to better understand attackers and their methods, develop new strategies to defend your network, and learn how to attack the attackers. You won't just learn about Active Defenses - you'll learn to track attackers using callback Word documents and Honeybadgers, and how to create and deploy honeypots. We'll work through many hands-on activities and labs that will enable you to quickly and easily implement what you learn in your own working environment.

"SEC550 provides defender TTPs that have the ability to be game changers."
- Kathryn Swan, Federal Reserve Bank of San Francisco

SEC560: Network Penetration Testing and Ethical Hacking

SEC560 prepares you to conduct successful penetration testing and ethical hacking projects. You will learn how to perform detailed reconnaissance, exploit target systems to gain access and measure real business risk, and scan target networks using best-of-breed tools in hands-on labs and exercises. You won't just learn run-of-the-mill options and configurations, you'll also learn the lesser-known but super-useful capabilities of the best pen test toolsets available today. The course concludes with an intensive, hands-on Capture-the-Flag exercise in which you will conduct a penetration test against a sample target organization and demonstrate the knowledge you have mastered.

"SEC560 provides practical, how-to material that I can use daily in my penetration testing activities--not only technically, but also from a business perspective."
- Steve Nolan, General Dynamics

SEC562: CyberCity Hands-on Kinetic Cyber Range Exercise

SEC562 will prepare you to analyze and assess the security of control systems and related infrastructure and find vulnerabilities that could result in significant kinetic impact. In this innovative, cutting-edge course based on the SANS CyberCity kinetic range, you will learn how to analyze, control, and defend countless control systems, protocols, and other kinetic infrastructure you will face in the future. The course is chock full of practical skills you will be able to use in your own practice, including how to conduct penetration tests and assessments associated with kinetic infrastructure, how to rapidly prototype computer attack tools against specific vulnerabilities, and many more.

SEC564: Red Team Exercises & Adversary Emulation

"The content from SEC564 is great and I will be able to implement it in my organization right away!"
- Kirk Hayes, Rapid 7

SEC567: Social Engineering for Penetration Testers

SEC567 will prepare you to add social engineering skills to your penetration testing portfolio. In this course, you will learn how to perform recon on targets using a wide variety of sites and tools, create and track phishing campaigns, and develop media payloads that effectively demonstrate compromise scenarios. You'll also learn how to conduct pretexting exercises, and you'll put what you've learned into practice with a fun Capture-the-Human exercise. SEC567 will open up new attack possibilities, help you better understand the human vulnerability in attacks, and provide you hands-on practice with snares that have been proven effective.

"SEC567 exposes you to the tools and techniques needed to execute a social engineering engagement that provides value to executives and others."
- Srinath Kannan, Ernst & Young

SEC573: Automating Information Security with Python

The best penetration testers can customize existing open source tools or develop their own tools. The ability to read, write, and customize software is what distinguishes the good penetration tester from the great penetration tester. This course is designed to give you the skills you need for tweaking, customizing, or outright developing your own tools to put you on the path of becoming a great penetration tester.

"SEC573 is excellent. I went from having almost no Python coding ability to being able to write functional and useful programs."
- Caleb Jaren, Microsoft

SEC575: Mobile Device Security and Ethical Hacking

SEC575 will prepare you to evaluate the security of mobile devices, effectively assess and identify flaws in mobile applications, and conduct a mobile device penetration test - all critical skills required to protect and defend mobile device deployments. In this course, you will learn how to pen test the biggest attack surface in your organization; dive deep into evaluating mobile apps, operating systems, and their associated infrastructure; and help your organization better defend against the onslaught of mobile device attacks.

"SEC575 provides an incredible amount of information, and the hands-on labs are awesome. It is a must-have for mobile penetration testers."
- Richard Takacs, Integrity360

SEC580: Metasploit Kung Fu for Enterprise Pen Testing

"SEC580 is the best course available on the planet for in-depth knowledge of Metasploit."
- Tom Reeves, Northrop Grumman

SEC617: Wireless Penetration Testing and Ethical Hacking

SEC617 will give you the skills you need to understand the security strengths and weaknesses in wireless systems. In this course, you will learn how to evaluate the ever-present cacophony of Wi-Fi networks and identify the Wi-Fi access points and client devices that threaten your organization; assess, attack, and exploit deficiencies in modern Wi-Fi deployments using WPA2 technology, including sophisticated WPA2-Enterprise networks; use your understanding of the many weaknesses in Wi-Fi protocols and apply it to modern wireless systems; and identify and attack Wi-Fi access points and exploit the behavioral differences in how client devices scan for, identify, and select access points. SEC617 is a highly technical, hands-on penetration testing skill-development class that requires a wide variety of hardware and software tools to successfully build new skills. You will receive the SANS Wireless Assessment Toolkit (SWAT), a collection of hardware and software tools to jumpstart your ability to assess wireless systems, and a customized Linux software environment to enable you to work on assessing systems and avoid fighting hardware/software incompatibility.

"Amazing class! Every day in SEC617 included essential information and valuable labs that demonstrated the need for wireless security."
- Steven Ostrander, Arma Global

SEC642: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques

SEC642 will teach you the advanced skills and techniques required to test modern web applications and next-generation technologies. In this course, you will learn through a combination of lectures, real-world experiences, and hands-on exercises that will teach you the techniques to test the security of tried-and-true internal enterprise web technologies, as well as cutting-edge Internet-facing applications. On the final day of the course, you will apply the knowledge you have acquired in a Capture-the-Flag competition, a fun environment based on real-world technologies.

"The topics in SEC642 are extremely important for this industry, and it's great to see them being covered."
- Raymond R. Pagan-Quinones, Dell/EMC Corp

SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking

SEC660 is designed as a logical progression point for students who have completed SEC560: Network Penetration Testing and Ethical Hacking, or for those with existing penetration testing experience. This course provides you with in-depth knowledge of the most prominent and powerful attack vectors and furnishes an environment to perform these attacks in numerous hands-on scenarios. The course goes far beyond simple scanning for low-hanging fruit and teaches you how to model the abilities of an advanced attacker to find significant flaws in a target environment and demonstrate the business risk associated with these flaws.

"SEC660 is the right balance between theory and practice; it's hands-on, not too hard, but also not too easy."
- Anton Ebertzeder, Siemens AG

SEC699: Purple Team Tactics - Adversary Emulation for Breach Prevention & Detection

SEC699 is SANS's advanced purple team offering, with a key focus on adversary emulation for data breach prevention and detection. Throughout this course, students will learn how real-life threat actors can be emulated in a realistic enterprise environment, including multiple AD forests. In true purple fashion, the goal of the course is to educate students on how adversarial techniques can be emulated (manual and automated) and detected (use cases/rules and anomaly-based detection). A natural follow-up to SEC599, this is an advanced SANS course offering, with 60 percent of class time spent on labs!

SEC760: Advanced Exploit Development for Penetration Testers

SEC760 will provide you with the advanced skills to improve your exploit development and understand vulnerabilities beyond a fundamental level. In this course, you will learn to reverse-engineer 32-bit and 64-bit applications, perform remote user application and kernel debugging, analyze patches for one-day exploits, and write complex exploits (such as use-after-free attacks) against modern software and operating systems. The course was designed to help you get into highly sought-after positions, teach you cutting-edge tricks to thoroughly evaluate a target, and defend against even the most skilled attackers.

"SEC760 being the most advanced SANS course comes with an intimidation factor; however, the instructor did a great job of walking through the exercises and explaining how things worked."
- Anonymous