GIAC GPEN Training Boot Camp

Infosec offers this five-day accelerated GPEN Boot Camp to train and prepare you for the GIAC® Penetration Tester (GPEN) certification exam, the prestigious security certification created and administered by the Global Information Assurance Certification.

Become a GIAC Penetration Tester (GPEN)

Boot camp overview

Our GPEN Boot Camp focuses on preparing you for the GPEN exam through engaging lectures and hands-on exercises. Penetration testing is a critical part of any organization’s IT security program and is required by multiple regulations and standards. You’ll leave with the ability to discover, assess and mitigate threats to information assets. GPEN holders demonstrate an understanding of penetration-testing methodologies, the relevant legal issues and the ability to properly conduct a penetration test using best practice technical and non-technical techniques.

Our program is designed around the GPEN topic areas and provides you with a quick and proven method for mastering the huge range of knowledge defined in the GPEN Exam Certification Objectives & Outcome Statements. This intense, five-day total immersion training experience is the product of a wide range of leading industry experts and authors, and has a significant return on investment, since you gain pentesting skills that are highly in demand, as well as the GIAC Penetration Tester certification.

Skill up and get certified, guaranteed

100% Satisfaction Guarantee

If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Flex Pro or Flex Classroom course.

Knowledge Transfer Guarantee

If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.

What's included?

  • Five days of expert, live GPEN training
  • Exam Insurance
  • Exam Payment
  • Unlimited practice exam attempts
  • 100% Satisfaction Guarantee
  • Free annual Infosec Skills subscription ($299 value!)
  • 1-year access to all boot camp video replays and materials
  • Onsite proctoring of exam
  • Knowledge Transfer Guarantee

Hands-on labs

Hundreds of exercises in over 20 separate hands-on labs bring you up to speed with the latest threats to which your organization is most vulnerable. Practice penetration testing on our virtualized environment that simulates a full range of servers and services used in a real company. Learn how to compromise web servers, virtual machines, databases, routers and firewalls, and then put it all together in an unscripted evening CTF (capture the flag) exercise.

Award-winning training that you can trust

Best Product - Cybersecurity Training for Infosec Professionals

Infosec Skills

Ranked #52 in Top 100 Global Software Sellers


Best Software - Highest Satisfaction

Infosec Skills

Best IT Security-related Training Program

Infosec Skills

Best Cybersecurity Podcast

Cyber Work with Chris Sienko

Who should attend?

  • Penetration testers
  • IT security professionals whose responsibilities involve conducting security assessments
  • Ethical hackers
  • IT security auditors
  • Incident responders and computer forensic investigators
  • IT and information security professionals who want to expand their knowledge about offensive security


  • Firm understanding of the Windows operating system
  • Basic understanding of Windows and Linux command line
  • Working knowledge of computer networking and the TCP/IP protocols
  • Basic understanding of cryptographic concepts

Our clients

Bank of America
Defense Information Systems Agency

GPEN Boot Camp details

Day 1: Pentesting and reconnaissance

  • Course overview
  • Introduction to pentesting
    • Role of penetration tester
    • Penetration testing fundamentals
  • Penetration testing process
    • Penetration testing methodologies
    • Penetration testing steps
    • Reporting results
  • Reconnaissance phase
    • Finding and using publicly available information
    • Passive recon methods
    • Determining IP ranges
    • Scanning tools and techniques
    • Port scanning
    • OS fingerprinting
    • Service version scans
    • Advanced scanning techniques
    • Vulnerability scanning and mapping

Day 2: Exploitation

  • Exploitation phase
    • Types of exploits
    • Finding and using exploits
    • Metasploit framework components and terminology
    • Metasploit modules
    • Exploitation process with Metasploit
    • Creating and encoding payloads with msfvenom
    • Delivering payloads
    • Command shell vs. terminal access
    • Using meterpreter payload
  • Post-exploitation
    • Basic password attacks (guessing)
    • Obtaining and cracking password hashes
    • Advanced password cracking tools and techniques
    • Data exfiltration
    • File manipulation and movement

Day 3: Command line and PowerShell

  • Using Windows command line
    • Learning advanced command line skills
    • Gathering target system information via command line
    • Windows exploitation tools
  • Leveraging PowerShell
    • PowerShell introduction
    • PowerShell capabilities for pentesting
    • Advanced port-exploitation techniques with PowerShell

Day 4: Web app and wireless pentesting

  • Web application pentesting
    • Web application vulnerabilities overview
    • Scanning for web application vulnerabilities
    • Using proxies
    • Exploiting injection flaws
    • Exploiting XSS and CSRF
  • Attacking wireless networks
    • Wireless networks fundamentals
    • Wireless encryption standards
    • Wireless pentesting tools and techniques

Day 5: Exam review

  • GPEN exam review