Penetration Testing Courses
SANS' Pen Test Training Courses are created to help professionals deliver high-value pen tests. Here's what you can expect from the SANS Pen Test Curriculum:
- Different platforms - Take a network, web app, mobile or wireless Pen Test course.
- A comprehensive curriculum - SANS Pen Test Curriculum spans beginner, advanced and specialist pen test skillsets.
- Cutting edge - SANS updates and refreshes Pen Test Training content regularly.
- Built by experts - All training content is created by a panel of pen test experts.
- Expert Instructors - SANS Pen Test Instructors who deliver training are globally respected, real-world practitioners.
- Extensive courseware - Students receive a library of books and resources.
- Flexible access - SANS offers different training methods.
Founded over 25 years ago, SANS now counts Fortune 500 enterprises, government departments and military bodies among its growing list of partners. We operate across more than 30 countries and have over 125,000 alumni.
Click here to jump to our full Pen Test course list
Why Choose A SANS Penetration Testing Course?
SANS' Pen Test Training Courses are developed by professionals who have earned their stripes on the discipline's front line. Our Courses are focused on equipping students with the technical skills, knowledge and tools they need to make a difference, as soon as they get back to the office.
SANS Training is hands on. Courses feature in-depth lab experiments, simulations, cryptographic challenges and war games.
These encompass:
- Modelling activities of real-world attackers
- Finding vulnerabilities in target systems
- Exploiting them under controlled circumstances
- Determining and documenting business risk
- Applying technical excellence
- Working in a professional, safe fashion according to a carefully designed scope and rules of engagement
- Helping an organisation prioritise their resources in improving its security stance
The purpose of this practical work is to practice, drill and test the knowledge that's been learned.
SANS provides the Pen Test community with free posters and downloads on our Pen Test Resources page.
Training Delivery
SANS offer a menu of training options. These include learning in a classroom-like environment at a Training Event, with a dedicated Instructor. These events offer the chance to secure a SANS Coin.
Alternatively students can take SANS Online Training. This option allows students to work in their own time, either at home or in the office.
Finally, for organisation that has over 25 students to train, we can deliver SANS Private Training. Here a SANS Instructor delivers training directly to staff, in their HQ or office.
Read what previous SANS Pen Test students thought about their training on our Testimonials page.
Certification
Many of our Pen Test Courses align with GIAC Certifications. Achieving a GIAC Pen Test Certification offers many benefits.
For employers it ensures staff possess cutting edge skills. For professionals, GIAC Certification can support career progression.
Courseware
Depending upon the course taken, Courseware can include:
- Textbooks - The textbooks, like the SANS Courses they complement, are regularly updated by our Pen Test experts.
- A tool set - If we explore a specific open source tool in class, we'll ensure students receive a copy. If there are licencing restrictions we'll ensure, at a minimum, students receive a trial version.
- Posters - To help make complex processes and concepts more digestible, SANS creates visual wall charts. They cover tips, tricks, tools, resources, and useful references.
- Virtualised resources - Where a course features it, students leave with a custom VM full of pen testing tools. The aim is to equip practitioners with the resources to carry out their own tests.
- Test subjects - Specimen software, apps and products to experiment on.
- Course audio - Access to audio files that hammer home important advice.
SANS Penetration Training Courses
SANS offers twelve distinct courses in this curriculum, covering different strands of the discipline. These courses fall into three categories - Core, Advanced and Specialist. For any questions relating to training please see our FAQs page.
SANS Core Pen Test Courses
For people new to cyber security who want to specialise in pen testing our Pen Test curriculum starts with SEC301, a course designed to teach information security's fundamentals.
From there students can move on to SEC401 - a practical, bootcamp style course designed to help defenders prevent attacks and detect adversaries.
SEC504 puts the bad guy's tactics and techniques under the microscope. It proves invaluable insight into finding vulnerabilities and discovering intrusions. By its very nature, SEC504 is aligned with criminals' latest tactics, technologies and exploits.
SANS Advanced Pen Test Courses
SANS offers a menu of courses that focus on testing and securing different technologies. For example, SEC560 explores network testing. Our SEC561 course builds on this curriculum, offering intensive, hands-on Pen Test training.
SEC562 is SANS' unique CyberCity course. CyberCity is a programme built around a fully wired, connected and scaled model of a modern city. The course teaches students how to attack and defend the city's logical and digital infrastructure.
SEC575 lasers in on mobile device security, while SEC542 tackles web app pen testing.
Developers and defenders who specialise in Python may like to explore SEC573. This course looks at how their skills can be used to aid pen testing missions.
All these courses are full of practical, real world knowledge. They explore how important tools work, and how to conduct tests in a professional and safe manner.
SANS Specialist Pen Test Courses
For students who have existing pen testing experience - or have completed SEC560 - SANS offers SEC660. This heavyweight course explores, among other topics, how today's dominant network protocols, operating systems, and cryptographic practices can be exploited.
SEC760 is one of SANS' most technically demanding courses. It tackles exploit development for pen testers. It teaches students how to write their own white-hat exploits after researching an attack surface. This might be by reverse engineering applications, kernel debugging or though patch analysis.
SEC617 is our specialist course that focuses on wireless hacking, pen test technique, and defence.
Along with networking, apps are becoming a popular business necessity. SEC642 teaches students how criminals approach attacking apps and what can be learned from their techniques.



Event | Dates | Register |
---|---|---|
Private Training Course of Your Choice | Your Choice |