I have been looking into finding a decent Penetration Testing training.Â There are a lot of cheap (under $550), self-paced training out there.Â I have accumulated the list below (most of which are on sale this month).Â If you have taken any of these, drop a comment and let us know how they turned out.
“Pentesting with BackTrack” (previously known as Offensive Security 101) is an online course designed for network administrators and security professionals who need to get acquainted with the world of offensive security. This penetration testing course introduces the latest hacking tools and techniques, and includes remote live labs for exercising the material presented to the students.
This course gives a solid understanding of the penetration testing process, and is equally important for those wanting to either defend or attack their network. The course can be taken from your home, as long as you have a modern computer with high speed internet.
The cost for the course is $550 for training videos and documents and 30 days of lab time.Â For $150 more, you can get 60 days of lab time or purchase 30 extra days after the fact for $200.Â I have heard great things about Offensive Security Courses and would expect this to be top notch.
Heorot.net offers two penetration courses ranging from fundamentals to intermediate:
For those just starting out in the field of professional penetration testing, the Fundamentals course will provide a thorough understanding of how a professional penetration test is conducted and the methodologies behind performing an attack. It is suggested you already have a familiarity with basic Linux commands and file structure.
For those individuals familiar with hacker tools who have some penetration testing experience, the Intermediate course will provide a comprehensive understanding of how to run a penetration test in a real-world environment. Students should have a solid understanding of Linux and the ability to effectively use commercial and Open Source hacker tools.
Heorot.net was founded by Thomas Wilhelm who has contributed to the Security community with a number of great books such as Netcat Power Tools and Professional Penetration Testing along with providing the De-Ice PenTesting Live CD’s.Â You get access to the online videos for 30 days, two live CD’s that are downloadable,Â and an autographed copy of Thomas’ new book Professional Penetration Testing.Â The cost of the Fundamentals course is $395 and is currently discounted to $295 until October 1.Â The Intermediate course comes in a little more at $595 and is currently discounted to $445 until October 1.Â You also get access to version 2.0 of the courses that come out after Oct 1.Â The Fundamentals course looks very intriguing since at $295, you get some decent training and an $80 text book.Â Quite a good deal.
This was one I never heard of, until MattJay commented on it on Twitter.Â This course will cover some of the newer aspects of penetration testing such as Open Source Intelligence Gathering with Maltego and other Open Source tools.Â Â Advanced Scanning, Enumeration, Exploitation (remote and client-side), and Post-Exploitation relying heavily on the features included in the Metasploit Framework will also be covered.
How the course is run is quite different from the ones mentioned above.Â You will receive courseware and lab manual PDF’s, but you also get three 30 minute phone calls with Joe McCray to walk you through specific lab exercises and/or answer questions.Â This seems like a very interesting way to run it with the chance of interacting with a what appears to be personal phone calls with a trainer.Â You also get 30 Day Unlimited Access to LSO Lab Network from the day of course registration. The cost of the course is $300 and is currently discounted to $200 until Oct 1st. They also have a So You Wanna Be A Web App Pentester course for $450 but currently discounted to $300.
This is one of the more unknown trainings to me, so if anyone has comments on it or any training, we would love to hear them.Â If there are any other cheap ones out there, drop that in the comments too. 🙂