Study any time, from any device.

GPEN Certification Training Boot Camp

Infosec offers this five-day accelerated GPEN Boot Camp to train and prepare you for the GIAC® Penetration Tester (GPEN) certification exam, the prestigious security certification created and administered by the Global Information Assurance Certification.

Become a GIAC Penetration Tester (GPEN)

Boot camp overview

Our GPEN Boot Camp focuses on preparing you for the GPEN exam through engaging lectures and hands-on exercises. Penetration testing is a critical part of any organization’s IT security program and is required by multiple regulations and standards. You’ll leave with the ability to discover, assess and mitigate threats to information assets. GPEN holders demonstrate an understanding of penetration-testing methodologies, the relevant legal issues and the ability to properly conduct a penetration test using best practice technical and non-technical techniques.

Our program is designed around the GPEN topic areas and provides you with a quick and proven method for mastering the huge range of knowledge defined in the GPEN Exam Certification Objectives & Outcome Statements. This intense, five-day total immersion training experience is the product of a wide range of leading industry experts and authors, and has a significant return on investment, since you gain pentesting skills that are highly in demand, as well as the GIAC Penetration Tester certification.

Skill up and get certified, guaranteed

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Flex Pro or Flex Classroom course.

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

What's included?

  • Five days of Infosec training with a leading security expert, bringing field experience and insight
  • Infosec digital courseware (physical textbooks available to purchase)
  • GPEN sample exam questions
  • Pre-paid card to cover the cost of exam fees
  • 90-day access to replays of daily lessons (Flex Pro)
  • 100% Satisfaction Guarantee

Hands-on labs

Hundreds of exercises in over 20 separate hands-on labs bring you up to speed with the latest threats to which your organization is most vulnerable. Practice penetration testing on our virtualized environment that simulates a full range of servers and services used in a real company. Learn how to compromise web servers, virtual machines, databases, routers and firewalls, and then put it all together in an unscripted evening CTF (capture the flag) exercise.

Award-winning training that you can trust

Rising Star

Partner Award

G2 Crowd Leader

Technical Skills Development Software

Gold Winner

Best Cybersecurity Education Provider

Publisher's Choice

Security Training for Infosec Professionals

Top 20 Company

IT Training

Who should attend?

  • Penetration testers
  • IT security professionals whose responsibilities involve conducting security assessments
  • Ethical hackers
  • IT security auditors
  • Incident responders and computer forensic investigators
  • IT and information security professionals who want to expand their knowledge about offensive security


  • Firm understanding of the Windows operating system
  • Basic understanding of Windows and Linux command line
  • Working knowledge of computer networking and the TCP/IP protocols
  • Basic understanding of cryptographic concepts

Can’t get away for a week?

Learn cybersecurity on-demand.

Get the cybersecurity training you need at a pace that fits your schedule with a subscription to Infosec Skills. Includes unlimited access to hundreds of additional on-demand courses — plus cloud-hosted cyber ranges where you can practice and apply knowledge in real-world scenarios — all for just $34 a month!

  • 400+ courses
  • 4 cyber range environments
  • 100+ hands-on labs
  • Certification practice exams
  • 50+ learning paths

You're in good company.

"I’ve taken five boot camps with Infosec and all my instructors have been great."

Jeffrey Coa

Information Security Systems Officer

"Comparing Infosec to other vendors is like comparing apples to oranges. My instructor was hands-down the best I’ve had." 

James Coyle

FireEye, Inc.

"I knew Infosec could tell me what to expect on the exam and what topics to focus on most."

Julian Tang

Chief Information Officer

Our clients

Bank of America
Defense Information Systems Agency

GPEN Boot Camp details

Day 1: Pentesting and reconnaissance

  • Course overview
  • Introduction to pentesting
    • Role of penetration tester
    • Penetration testing fundamentals
  • Penetration testing process
    • Penetration testing methodologies
    • Penetration testing steps
    • Reporting results
  • Reconnaissance phase
    • Finding and using publicly available information
    • Passive recon methods
    • Determining IP ranges
    • Scanning tools and techniques
    • Port scanning
    • OS fingerprinting
    • Service version scans
    • Advanced scanning techniques
    • Vulnerability scanning and mapping

Day 2: Exploitation

  • Exploitation phase
    • Types of exploits
    • Finding and using exploits
    • Metasploit framework components and terminology
    • Metasploit modules
    • Exploitation process with Metasploit
    • Creating and encoding payloads with msfvenom
    • Delivering payloads
    • Command shell vs. terminal access
    • Using meterpreter payload
  • Post-exploitation
    • Basic password attacks (guessing)
    • Obtaining and cracking password hashes
    • Advanced password cracking tools and techniques
    • Data exfiltration
    • File manipulation and movement

Day 3: Command line and PowerShell

  • Using Windows command line
    • Learning advanced command line skills
    • Gathering target system information via command line
    • Windows exploitation tools
  • Leveraging PowerShell
    • PowerShell introduction
    • PowerShell capabilities for pentesting
    • Advanced port-exploitation techniques with PowerShell

Day 4: Web app and wireless pentesting

  • Web application pentesting
    • Web application vulnerabilities overview
    • Scanning for web application vulnerabilities
    • Using proxies
    • Exploiting injection flaws
    • Exploiting XSS and CSRF
  • Attacking wireless networks
    • Wireless networks fundamentals
    • Wireless encryption standards
    • Wireless pentesting tools and techniques

Day 5: Exam review

  • GPEN exam review