Train to become OSCP+ certified
PEN-200: Penetration Testing with Kali Linux
Starting at $1,749
Level
200282h of content
- Gain expertise in penetration testing topics, including XSS, SQL Injection, privilege escalation, Active Directory and AWS exploitation
- Be professionally recognized for life as an OffSec Certified Professional (OSCP) and gain your 3-year OSCP+
Overview
PEN-200 is OffSec’s hands-on ethical hacking and penetration testing course, teaching core pentesting skills including enumeration, exploitation, and evidence gathering for proof of work. It’s designed to prepare you for the OSCP+ exam, providing you with a lifetime penetration testing certification (OSCP). It offers a strong foundation for cybersecurity professionals looking to strengthen their understanding of penetration testing methodology
The Penetration Testing with Kali Linux (PEN-200) course is OffSec’s essential training program for aspiring penetration testers. The course teaches learners how to identify and exploit real-world vulnerabilities across computers, network security, web applications, and basic cloud environments. Emphasizing hands-on, practical learning, PEN-200 provides the core technical skills and mindset required to simulate offensive information security operations—and defend against them. It’s a critical resource for those pursuing roles such as penetration tester, security analyst, security specialist, or certified ethical hacker.
PEN-200 covers a wide range of topics and attack techniques, including:
- Providing an introduction to cybersecurity and an effective learning strategy to help you get started
- Performing enumeration and information gathering, including vulnerability scanning and vulnerability assessment
- Understanding encryption and cryptography
- Utilizing perimeter attacks in web and application security as well as client-side attacks, where we go into depth in the commonly seen vulnerabilities such as XSS, Command Injection, Directory Traversal, File Uploads, and SQL Injection. We also cover password attacks and touch on Anti-Virus Evasion
- Performing Windows and Linux privilege escalation and lateral movements, including pivoting and tunneling techniques
- Using Active Directory, attacking Active Directory authentication, and lateral movement in Active Directory
- Enumerating and attacking AWS cloud infrastructure
- Learning how to use commonly used tools and commands in penetration testing, such as Nmap, Metasploit, Burp Suite, Hydra, Nessus, sqlmap, and Shellter
PEN-200 is organized into 20+ modules. Most modules have companion videos for the visually inclined learners. Most modules have hands-on labs to help learners practice the concept and theory taught in that module. After mastering each of the techniques and skills taught in all modules, learners can move on to the 9 challenge labs to practice a combination of skills in one lab, mimicking the real-world penetration test engagement. To help learners get ready for their OSCP+ certification exam, three challenge labs are designed to closely replicate the OSCP+ exam environment.
PEN-200 is suitable for those wishing to embark on a professional pen testing career, or wanting to learn ethical hacking skills possessed by pen testers. Before taking this course, we do suggest having hands-on practical knowledge of Linux and Windows administration, networking, and network scripting.
Becoming OSCP+ certified
-
24-hour proctored
All certification exams are proctored by an OffSec employee in a private VPN
-
Hands-on labs
Identify, exploit, and report real-world vulnerabilities in live lab systems
-
3 standalone machines
60% of the exam will be graded on initial access and privilege escalation
-
1 Active Directory set
40% of the exam will be simulating a breach scenario across 3 machines
OSCP+ certification
About the exam
The Offensive Security (OffSec) Certified Professional certification demonstrates your ability to ethically identify vulnerabilities, exploit systems, and escalate privileges.
$1,699/once
OSCP+ Standalone Exam
Already prepared for the exam? Purchase an OSCP+ exam attempt without the training materials.
Upon passing the exam, learners earn both the OSCP and OSCP+ certification. The OSCP+ designation will differ from the existing OSCP certification in only one way; it will expire three (3) years from issuance. The OSCP certification has no expiration date and continues to be valid indefinitely.
OffSec is trusted by
Start learning with OffSec
$2,749/year*
Best value
Learn One
Includes one year of access to one 200 or 300-level course, the associated labs, and two exam attempts
$1,749/once
Most popular
Course + Cert Bundle
Includes 90 days of access to one 200 or 300-level course, hands-on labs, and a single exam attempt
Flexible pricing for teams of any size
Scalable options to fit your team's training needs
What changes when you earn it
OSCP+ shows hiring teams real proof of skill. It shows you can deliver under real conditions, not just talk about it.
-
Break problems down
Instead of getting stuck, you decompose and iterate under pressure
-
Stay composed when plans fail
The exam trains you to reset, reassess, and keep moving, not freeze
-
Defend with sharper judgement
Thinking like an attacker reshapes your understanding of every control
Beyond exploitation technique
What it tests
OSCP+ measures your ability to perform under pressure and real-world constraints, not just show skill in a controlled environment.
"The exam isn’t designed like a CTF. It’s designed for penetration testers. The machines reward methodical enumeration and professional decision making."
- Theodosios Psarras
A mindset that lasts
What you build
OffSec’s #TryHarder philosophy shifts your thinking from knowing tools to knowing why, when, and how to use them under pressure.
"Ironically, this journey made me an even better defender. Understanding why certain controls exist, why detections can’t be static."
- OSCP Graduate
Persistence is the standard
Failure is the feature
Not everyone passes on the first try. OSCP+ does not reward shortcuts. Multiple attempts are part of the journey.
"I failed my first exam with 20 points. Two months later, I passed with 80."
- OSCP Graduate
Are you ready to #TryHarder?
You're closer than you think.
You don’t need to be perfect. You need to be persistent. If you’re comfortable in Linux, understand basic networking, and you’re willing to sit with a hard problem...
PEN-200 FAQ
Success stories from the field
Balancing my day job while preparing for the exam was a big challenge, but I managed to push through and succeed. The "try harder" mentality fits the OSCP journey very well—not because it's impossible, but because it demands persistence and the refusal to give up.
The OSCP journey taught me to think like an attacker—a critical skill for defending sensitive assets in today’s cybersecurity landscape, and I’m excited to apply these skills in my career. I highly recommend OffSec's rigorous training to anyone looking to elevate their penetration testing expertise or security skills in general.
I would 100% recommend this course to anyone seeking a broad and thorough technical understanding of many fundamental pentest concepts and practices, all delivered through a hands-on, well structured and complete lab environment.
I'm thrilled to have obtained the OSCP certification, marking a significant accomplishment in my cybersecurity journey. OffSec's exceptional training materials, hands-on labs, and challenging exercises play an important role in honing my practical skills and application of the acquired knowledge in real-world penetration testing engagements.
Looking back, this experience taught me more than just technical skills. I learned a lot about my body, my emotions, and the importance of strategic breaks. The OSCP is not just a test of hacking skills, it's a mental and physical endurance challenge for me.
The OSCP+ does not just test your technical skills. It pushes your ability to focus under pressure, to stay disciplined, and to know when to push forward and when to step back and reassess. This was as much a mental game as a technical one. Grateful for the journey and the growth.
-
On-demand lab access
Train anytime in up-to-date, practical, cutting-edge labs
-
Structured learning modules
Progress through clear, goal-driven topics
-
Challenge-based learning
Build skills through real-world, hands-on challenges
-
AI-powered learning assistant
Get instant, guided help with complex topics
Realistic lab environments
Built to sharpen your team's skills through practical learning
Request a demo 
Kali
The stealthiest can slip past the fiercest defenses, leaving no sign behind.
Level
OSCP+ Certification
PEN-200
Origin
Born of the digital abyss, Kali weaves through encrypted fortresses with a serpentine grace, breaching firewalls unseen. Kali’s mastery lies in the art of evasion, leaving no footprint behind, purpose fulfilled with every secure pathway forged anew.
Strengths
Master of network exploitation; thrives in bypassing defenses and exploiting vulnerabilities that others overlook
Traits
Tactics of choice
Stealthy lateral movement, quietly exploiting weak points while remaining undetected, until the target is fully compromised.
