Overview
Who Should Attend
This course is designed for a range of individuals interested in ethical hacking and penetration testing. It is suitable for individuals with a foundational understanding of networking, Linux, and basic programming, who are ready to dive deeper into the technical aspects of penetration testing. Other roles include:
Infosec professionals transitioning into penetration testing
Security analysts or engineers who want to broaden their expertise in offensive security
System Administrators looking to strengthen their knowledge of network and system vulnerabilities to enhance security
Red Team Members who need advanced hacking skills
Developers and Software Engineers who need to write more secure code
IT Managers and Network Engineers
What's In It for Me
90 days access of Offsec PEN-200 online training materials and lab access.
1 exam attempt (schedule exam date within 120 days from lab access end date)
Practice using suites of tools for vulnerability assessment.
Practice various techniques for penetration testing.
Conduct attacks on active directory environments and different challenge machines.
Learn to prepare vulnerability assessment and penetration testing reports.
Course Overview
This is a 5-day intensive course that offers the participants highly regarded, hands-on experience with carefully curated content focused on practical, real-world scenarios to equip them with the knowledge and expertise needed to identify and exploit vulnerabilities.
Participants will learn the techniques to conduct attacks on the challenge machines in different networks and scenarios and be trained to become skilled penetration testers and ethical hackers.
Course Description & Learning Outcomes
Course Objectives
Upon completing this course, participants will be able to:
Learn to document vulnerability assessment and penetration testing reports.
Learn passive and active information gathering techniques to identify and enumerate target machines running various operating systems and services.
Learn to write basic scripts and tools to aid penetration testing.
Learn to analyse, correct, modify, compile and port public exploit code for penetration testing.
Learn to conduct remote, local privilege escalation and client-side attacks.
Learn to identify and exploit SQL injection in web applications.
Learn to leverage various tunnelling techniques to pivot between networks.
Learn to conduct attacks on active directory authentication and lateral movement in the Active directory.
Course Outline
Introduction to Cybersecurity
Report Writing for Penetration Testers
Information Gathering
Vulnerability Scanning
Locating Public Exploits
Fixing Exploits
Introduction to Web Applications
SQL Injection Attacks
Password Attacks
Port Redirection and SSH Tunnelling
Linux Privilege Escalation
Windows Privilege Escalation
Active Directory Introduction and Enumeration
Attacking Active Directory Authentication
Lateral Movement in Active Directory
Certificate Obtained and Conferred by:
Certificate of Completion from NTUC LearningHub
Upon meeting at least 75% attendance and passing the assessment(s), participants will receive a Certificate of Completion from NTUC LearningHub.
Statement of Attainment (SOA) from SkillsFuture Singapore
After passing the assessment(s), participants will receive a SOA from SkillsFuture Singapore, certifying that they have achieved the following Competency Standard(s):
ICT-DIT-3012-1.1 Security Assessment and Testing
External Certification
The participant will be given one attempt for OffSec Certified Professional (OSCP) certification exam after attending this course. You have up to three opportunities to reschedule before locking in a specific date and time. For detailed instructions on scheduling, rescheduling, and checking exam expiration dates, please reference the Exams: Scheduling, Expiry, Rules and Recommendations. Upon passing the exam, you will receive the OSCP+. The OSCP certification itself never expires, while the OSCP+ status can be renewed every three years. Find out more about the renewal of Offsec certifications. This certification demonstrate proficiency in identifying vulnerabilities, exploiting systems, escalating privileges, and documenting their findings in a real-world environment. The certification is relevant to roles such as penetration testers, security analysts, and consultants, confirming their ability to conduct comprehensive security assessments.
The course fee includes 1 exam attempt. For 2nd attempt onwards you can purchase via exam e-shop.
Exam duration: 23 hours and 45 minutes to complete the exam
Exam format: 60 points (3 independent targets) + 40 points (2 clients, 1 domain controller), proctored
Passing score: Not applicable Find out more information about the OSCP Exam Guide.
*You will be awarded with the following digital badge(s) upon passing OffSec Certified Professional (OSCP) certification
Recommended Prerequisites
The admission requirements are:
Read the OSCP Exam FAQ before signing up for this program
Solid understanding of TCP/IP networking - TCP/IP Addressing and subnetting, protocols and services that use TCP/IP
Reasonable Windows and Linux administration experience - Linux Journey, Kali Linux Revealed
Active Directory - Microsoft Active Directory Domain Services Overview
Familiarity with basic Bash and/or Python scripting – Bash, Python
Understand the technical requirements of this course, Offsec Penetration Testing with Kali Linux
Understand the difference between Bind Shells and Reverse Shells
Understand the differences between Transmission Control Protocol and User Datagram Protocol
Comfortable in reading code in various languages (.NET, PHP, HTML, Python)
Know how to use common Windows and Linux command-line tools for system administration
Write a simple script in Python to automate tasks
Use Bash scripting to find and replace text in multiple files
Comfortable in reading SQL Statements
Perform reconnaissance on a given machine
Experienced working with virtual machines for penetration testing
Exploit a known vulnerability in a web application
Proficient with tools like Nmap, Metasploit, and Burp Suite
Understand what privilege escalation is
Experienced working with Windows Server or Active Directory
To ensure success in this course, prior completion of the below courses is required.
CompTIA Network+
CompTIA Linux+
CompTIA Server+
CompTIA Security+
Introduction to Python Programming
Pre-course instructions
Hardware & Software:
The Live Online Class for this course will be conducted via the Zoom platform.
Participants taking the Live Online Class must own a Zoom account and have a laptop or a desktop with “Zoom Client for Meetings” installed. Download from zoom.us/download and make sure the device requirements are met.
Good-to-have:
Wired internet connection Wired internet will provide you with stable and reliable connection.
Dual monitors Using a dual monitor setup will undoubtedly improve your training experience, enabling you to simultaneously participate in hands-on exercises and maintain engagement with your instructor.
Not recommended:
Using tablets are not recommended due to their smaller screen size, which could cause eye strain and discomfort over the course of the program's duration.
Schedule
End Date: 31 Dec 2026, Thursday
Weekdays, Weekends
Location: NTUC Trade Union House, 189556 and OnlinePricing
Course fees: SGD 5500 before GST and subsidies
Skills Covered
PROFICIENCY LEVEL GUIDE
Beginner: Introduce the subject matter without the need to have any prerequisites.
Proficient: Requires learners to have prior knowledge of the subject.
Expert: Involves advanced and more complex understanding of the subject.
- Cybersecurity (Proficiency level: Expert)
