Train to become OSCP+ certified
PEN-200: Penetration Testing with Kali Linux
Starting at $1,749
Level
200287h of content
- Gain expertise in penetration testing topics, including XSS, SQL Injection, privilege escalation, Active Directory and AWS exploitation
- Be professionally recognized for life as an OffSec Certified Professional (OSCP) and gain your 3-year OSCP+
Overview
PEN-200 is OffSec’s hands-on course, teaching core pentesting skills including enumeration, exploitation, and evidence gathering for proof of work. It’s designed to prepare you for the OSCP+ exam, providing you with a lifetime OSCP certification. It offers a strong foundation for cybersecurity professionals looking to strengthen their understanding of penetration testing methodology
The Penetration Testing with Kali Linux (PEN-200) course is OffSec’s essential training program for aspiring penetration testers. The course teaches learners how to identify and exploit real-world vulnerabilities across computers, network security, web applications, and basic cloud environments. Emphasizing hands-on, practical learning, PEN-200 provides the core technical skills and mindset required to simulate offensive information security operations—and defend against them. It’s a critical resource for those pursuing roles such as security analyst, security specialist, or certified ethical hacker.
PEN-200 covers a wide range of topics and attack techniques, including:
- Providing an introduction to cybersecurity and an effective learning strategy to help you get started
- Performing enumeration and information gathering, including vulnerability scanning
- Understanding encryption and cryptography
- Utilizing perimeter attacks in web security and client-side attacks, where we go into depth in the commonly seen vulnerabilities such as XSS, Command Injection, Directory Traversal, File Uploads, and SQL Injection. We also cover password attacks and touch on Anti-Virus Evasion
- Performing Windows and Linux privilege escalation and lateral movements, including pivoting and tunneling techniques
- Using Active Directory, attacking Active Directory authentication, and lateral movement in Active Directory
- Enumerating and attacking AWS cloud infrastructure
- Learning how to use commonly used tools and commands in penetration testing, such as Nmap, Metasploit, Burp Suite, Hydra, Nessus, sqlmap, and Shellter
PEN-200 is organized into 20+ modules. Most modules have companion videos for the visually inclined learners. Most modules have hands-on labs to help learners practice the concept and theory taught in that module. After mastering each of the techniques and skills taught in all modules, learners can move on to the 9 challenge labs to practice a combination of skills in one lab, mimicking the real-world penetration test engagement. To help learners get ready for their OSCP+ exam, three challenge labs are designed to closely replicate the OSCP+ exam environment.
PEN-200 is suitable for those wishing to embark on a professional pen testing career, or wanting to learn skills possessed by pen testers. Before taking this course, we do suggest having hands-on practical knowledge of Linux and Windows administration, networking, and network scripting.
Becoming OSCP+ certified
-
24-hour proctored
All exams are proctored by an OffSec employee in a private VPN
-
Hands-on labs
Identify, exploit, and report real-world vulnerabilities in live lab systems
-
3 standalone machines
60% of the exam will be graded on initial access and privilege escalation
-
1 Active Directory set
40% of the exam will be simulating a breach scenario across 3 machines
OSCP+ certification
About the exam
The OffSec Certified Professional certification demonstrates your ability to ethically identify vulnerabilities, exploit systems, and escalate privileges.
$1,699/once
OSCP+ Standalone Exam
Already prepared for the exam? Purchase an OSCP+ exam attempt without the training materials.
Upon passing the exam, learners earn both the OSCP and OSCP+ certification. The OSCP+ designation will differ from the existing OSCP certification in only one way; it will expire three (3) years from issuance. The OSCP certification has no expiration date and continues to be valid indefinitely.
Start learning with OffSec
$2,749/year*
Best value
Learn One
Includes one year of access to one 200 or 300-level course, the associated labs, and two exam attempts
$1,749/once
Most popular
Course + Cert Bundle
Includes 90 days of access to one 200 or 300-level course, the associated labs, and a single exam attempt
Train your team with OffSec
$6,099/year*
All access
Learn Unlimited
Unlimited OffSec Learning Library access plus unlimited exam attempts for one year
Get a quote
Large teams
Learn Enterprise
Unlimited OffSec Learning Library access with flexible terms and volume discounts available
Validate your expertise.
Amplify your impact.
-
Mindset & work ethic
Instill a relentless problem-solving mindset that employers value highly in security professionals
-
Globally recognized certification
OffSec certs build elite, hands-on skills trusted by the world's top companies
-
Organization value & trust
Trusted to train skilled, consistent, and reliable security teams
-
Certified candidates win
91% of respondents prefer to hire candidates with certifications (Fortinet, 2024 Cybersecurity Skills Gap Report)
Realistic lab environments
Built to sharpen skills through practical, immersive learning
Request a free trial -
On-demand lab access
Train anytime in up-to-date, practical, cutting-edge labs
-
Structured learning modules
Progress through clear, goal-driven topics
-
Challenge-based learning
Build skills through real-world, hands-on challenges
-
AI-powered learning assisstant
Get instant, guided help with complex topics
Success stories from the field
Balancing my day job while preparing for the exam was a big challenge, but I managed to push through and succeed. The "try harder" mentality fits the OSCP journey very well—not because it's impossible, but because it demands persistence and the refusal to give up.
The OSCP journey taught me to think like an attacker—a critical skill for defending sensitive assets in today’s cybersecurity landscape, and I’m excited to apply these skills in my career. I highly recommend OffSec's rigorous training to anyone looking to elevate their penetration testing expertise or security skills in general.
I would 100% recommend this course to anyone seeking a broad and thorough technical understanding of many fundamental pentest concepts and practices, all delivered through a hands-on, well structured and complete lab environment.
I'm thrilled to have obtained the OSCP certification, marking a significant accomplishment in my cybersecurity journey. OffSec's exceptional training materials, hands-on labs, and challenging exercises play an important role in honing my practical skills and application of the acquired knowledge in real-world penetration testing engagements.
Looking back, this experience taught me more than just technical skills. I learned a lot about my body, my emotions, and the importance of strategic breaks. The OSCP is not just a test of hacking skills, it's a mental and physical endurance challenge for me.
The OSCP+ does not just test your technical skills. It pushes your ability to focus under pressure, to stay disciplined, and to know when to push forward and when to step back and reassess. This was as much a mental game as a technical one. Grateful for the journey and the growth.
PEN-200 FAQ
Flexible pricing for teams of any size
Scalable options to fit your team's training needs
