Uncertain Times — Infosec's here to help. Learn about remote testing and other COVID-19 resources.

GPEN Certification Training Boot Camp

Infosec offers this five-day accelerated GPEN Boot Camp to train and prepare you for the GIAC® Penetration Tester (GPEN) certification exam, the prestigious security certification created and administered by the Global Information Assurance Certification.

Become a GIAC Penetration Tester (GPEN)

Boot camp overview

Our GPEN Boot Camp focuses on preparing you for the GPEN exam through engaging lectures and hands-on exercises. Penetration testing is a critical part of any organization’s IT security program and is required by multiple regulations and standards. You’ll leave with the ability to discover, assess and mitigate threats to information assets. GPEN holders demonstrate an understanding of penetration-testing methodologies, the relevant legal issues and the ability to properly conduct a penetration test using best practice technical and non-technical techniques.

Our program is designed around the GPEN topic areas and provides you with a quick and proven method for mastering the huge range of knowledge defined in the GPEN Exam Certification Objectives & Outcome Statements. This intense, five-day total immersion training experience is the product of a wide range of leading industry experts and authors, and has a significant return on investment, since you gain pentesting skills that are highly in demand, as well as the GIAC Penetration Tester certification.

Skill up and get certified, guaranteed

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Flex Pro or Flex Classroom course.

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

What's included?

  • Five days of Infosec training with a leading security expert, bringing field experience and insight
  • Infosec digital courseware (physical textbooks available to purchase)
  • GPEN sample exam questions
  • Pre-paid card to cover the cost of exam fees
  • 90-day access to replays of daily lessons (Flex Pro)
  • 100% Satisfaction Guarantee

Hands-on labs

Hundreds of exercises in over 20 separate hands-on labs bring you up to speed with the latest threats to which your organization is most vulnerable. Practice penetration testing on our virtualized environment that simulates a full range of servers and services used in a real company. Learn how to compromise web servers, virtual machines, databases, routers and firewalls, and then put it all together in an unscripted evening CTF (capture the flag) exercise.

Award-winning training that you can trust

Best Software - Highest Satisfaction

Infosec Skills

Best IT Security-related Training Program

Infosec Skills

Best Cybersecurity Podcast

Cyber Work with Chris Sienko

Innovation Award - Software

Infosec

Technical Skills Development Software

Infosec Skills

Who should attend?

  • Penetration testers
  • IT security professionals whose responsibilities involve conducting security assessments
  • Ethical hackers
  • IT security auditors
  • Incident responders and computer forensic investigators
  • IT and information security professionals who want to expand their knowledge about offensive security

Prerequisites

  • Firm understanding of the Windows operating system
  • Basic understanding of Windows and Linux command line
  • Working knowledge of computer networking and the TCP/IP protocols
  • Basic understanding of cryptographic concepts

Can’t get away for a week?

Learn cybersecurity on-demand.

Get the cybersecurity training you need at a pace that fits your schedule with a subscription to Infosec Skills. Includes unlimited access to hundreds of additional on-demand courses — plus cloud-hosted cyber ranges where you can practice and apply knowledge in real-world scenarios — all for just $34 a month!

  • 70+ learning paths
  • 500+ courses
  • Cloud-hosted cyber ranges and hands-on projects
  • Skill assessments and certification practice exams
  • Infosec community peer support

Our clients

FedEx
Microsoft
Bank of America
Defense Information Systems Agency
Symantec

GPEN Boot Camp details

Day 1: Pentesting and reconnaissance

  • Course overview
  • Introduction to pentesting
    • Role of penetration tester
    • Penetration testing fundamentals
  • Penetration testing process
    • Penetration testing methodologies
    • Penetration testing steps
    • Reporting results
  • Reconnaissance phase
    • Finding and using publicly available information
    • Passive recon methods
    • Determining IP ranges
    • Scanning tools and techniques
    • Port scanning
    • OS fingerprinting
    • Service version scans
    • Advanced scanning techniques
    • Vulnerability scanning and mapping

Day 2: Exploitation

  • Exploitation phase
    • Types of exploits
    • Finding and using exploits
    • Metasploit framework components and terminology
    • Metasploit modules
    • Exploitation process with Metasploit
    • Creating and encoding payloads with msfvenom
    • Delivering payloads
    • Command shell vs. terminal access
    • Using meterpreter payload
  • Post-exploitation
    • Basic password attacks (guessing)
    • Obtaining and cracking password hashes
    • Advanced password cracking tools and techniques
    • Data exfiltration
    • File manipulation and movement

Day 3: Command line and PowerShell

  • Using Windows command line
    • Learning advanced command line skills
    • Gathering target system information via command line
    • Windows exploitation tools
  • Leveraging PowerShell
    • PowerShell introduction
    • PowerShell capabilities for pentesting
    • Advanced port-exploitation techniques with PowerShell

Day 4: Web app and wireless pentesting

  • Web application pentesting
    • Web application vulnerabilities overview
    • Scanning for web application vulnerabilities
    • Using proxies
    • Exploiting injection flaws
    • Exploiting XSS and CSRF
  • Attacking wireless networks
    • Wireless networks fundamentals
    • Wireless encryption standards
    • Wireless pentesting tools and techniques

Day 5: Exam review

  • GPEN exam review

Exceptional learning experiences powered by LX Labs cyber expertise

Infosec Flex boot camps are powered by LX Labs — our elite team of cyber SMEs, learning specialists and community of top-ranked security instructors, published authors and sought-after industry leaders. We rigorously vet each boot camp to guarantee it meets certification and compliance requirements and aligns with recognized guidelines like the NICE Cybersecurity Workforce Framework.

LX Labs