SEC560: Network Penetration Testing and Ethical Hacking

Course Overview

With comprehensive coverage of tools, techniques, and methodologies for network penetration testing, SEC560 truly prepares you to conduct high-value penetration testing step by step and end to end. Every organization needs skilled information security personnel who can find vulnerabilities and mitigate their effects, and this entire course is specially designed to get you ready for that role. The course starts with proper planning, scoping, and reconnaissance, then dives deep into scanning, target exploitation, password attacks, Windows Domain attacks, and Azure AD (Active Directory), with over 30 detailed hands-on labs throughout. The course is chock full of practical, realworld tips from some of the world's best penetration testers to help you do your job safely, efficiently, and skillfully.


  • SEC560.1: Comprehensive Pen Test Planning, Scoping, and Recon
  • SEC560.2: In-Depth Scanning
  • SEC560.3: Exploitation
  • SEC560.4: Password Attacks and Merciless Pivoting
  • SEC560.5: Domain Domination and Azure Annihilation
  • SEC560.6: Penetration Test and Capture-the-Flag Workshop 


In Person (6 days) / Online - Access Period: 4 months

Course Authors

  • Tim Medin, Senior Instructor
  • Erik Van Buggenhout, Senior Instructor
  • Ed Skoudis, Fellow

What You Will Learn

  • Develop tailored scoping and rules of engagement for penetration testing projects to ensure the work is focused, well defined, and conducted in a safe manner
  • Conduct detailed reconnaissance using document metadata, search engines, and other publicly available information sources to build a technical and organizational understanding of the target environment
  • Utilize the Nmap scanning tool to conduct comprehensive network sweeps, port scans, Operating System fingerprinting, and version scanning to develop a map of target environments
  • Choose and properly execute Nmap Scripting Engine scripts to extract detailed information from target systems
  • Analyze the output of scanning tools to manually verify findings and perform false positive reduction using Netcat and the Scapy packet crafting tools
  • Utilize the Windows and Linux command lines to plunder target systems for vital information that can further overall penetration test progress, establish pivots for deeper compromise, and help determine business risks