Certificate Programs: Pen Testing & Ethical Hacking

Certificate Programs: Pen Testing & Ethical Hacking

The SANS Technology Institute's post-baccalaureate certificate program in Penetration Testing & Ethical Hacking is based entirely upon four courses already available as an elective path through its graduate program leading to a Master of Science Degree in Information Security Engineering.

As an independent offering, the graduate certificate in Penetration Testing & Ethical Hacking is a highly technical, 13 credit hour program with a cohesive and progressive set of learning outcomes. These learning outcomes are focused on developing the student's capability to discover, analyze, and understand the implications of information security vulnerabilities in systems/networks/applications in order to identify solutions before others exploit these flaws.

Because the certificate program is based on the courses that may be chosen by a master's candidate during the normal course of studies, all credits earned while completing the Penetration Testing & Ethical Hacking certificate program may be applied directly in fulfillment of the master's degree requirements should the student matriculate in the master's program afterwards.

Penetration Testing & Ethical Hacking Certificate - 13 credit hours

Required courses (expand for more info):
ISE 5200: Hacking Techniques & Incident Response   |   SEC 504, GCIH, NetWars

SANS class: SEC504 Hacker Techniques, Exploits & Incident Handling
Assessment: GIAC GCIH, NetWars Continuous
4 Credit Hours

By adopting the viewpoint of a hacker, ISE 5200 provides an in-depth focus into the critical activity of incident handling. Students are taught how to manage intrusions by first looking at the techniques used by attackers to exploit a system. Students learn responses to those techniques, which can be adopted within the framework of the incident handling process to handle attacks in an organized way. The faculty instruction, lab exercises, exam, and NetWars simulation are coordinated to develop and test a student's ability to utilize the core capabilities required for incident handling.

ISE 6315: Web App Penetration Testing and Ethical Hacking  |  SEC 542, GWAPT

SANS class: SEC 542 Web App Penetration Testing and Ethical Hacking
Assessment: GIAC GWAPT
3 Credit Hours

ISE 6315 is a highly technical information security course in offensive strategies where students learn the art of exploiting Web applications so they can find flaws in enterprise Web apps before they are otherwise discovered and exploited. Through detailed, hands-on exercises students learn the four-step process for Web application penetration testing. Students will inject SQL into back-end databases, learning how attackers exfiltrate sensitive data. They then utilize cross-site scripting attacks to dominate a target infrastructure in a unique hands-on laboratory environment. Finally students explore various other Web app vulnerabilities in-depth with tried-and-true techniques for finding them using a structured testing regimen.


ISE 6320: Network Penetration Testing and Ethical Hacking  |  SEC 560, GPEN

SANS class: SEC 560 Network Penetration Testing and Ethical Hacking
Assessment: GIAC GPEN
3 Credit Hours

ISE 6320 prepares students to conduct successful penetration testing and ethical hacking projects. The course starts with proper planning, scoping and recon, and then dives deep into scanning, target exploitation, password attacks, and wireless and web apps with detailed hands-on exercises and practical tips for doing the job safely and effectively. Students will participate in an intensive, hands-on Capture the Flag exercise, conducting a penetration test against a sample target organization.


Selection of one (1) of the following:
ISE 6325: Mobile Device Security  |  SEC 575, GMOB

SANS class: SEC 575 Mobile Device Security and Ethical Hacking
Assessment: GIAC GMOB
3 Credit Hours

ISE 6325 helps students resolve their organization's struggles with mobile device security by equipping then with the skills needed to design, deploy, operate, and assess a well-managed secure mobile environment. From practical policy development to network architecture design and deployment, and mobile code analysis to penetration testing and ethical hacking, this course teaches students to build the critical skills necessary to support the secure deployment and use of mobile phones and tablets in their organization.


ISE 6330: Wireless Networks Penetration Testing  |  SEC 617, GAWN

SANS class: SEC 617 Wireless Ethical Hacking, Penetration Testing, and Defenses
Assessment: GIAC GAWN
3 Credit Hours

ISE 6330 takes an in-depth look at the security challenges of many different wireless technologies, exposing students to wireless security threats through the eyes of an attacker. Using readily available and custom-developed tools, students will navigate through the techniques attackers use to exploit WiFi networks, Bluetooth devices, and a variety of other wireless technologies. Using assessment and analysis techniques, this course will show students how to identify the threats that expose wireless technology and build on this knowledge to implement defensive techniques that can be used to protect wireless systems.


ISE 6350: Python for Penetration Testers  |  SEC 573, GPYC

SANS class: SEC573: Python for Penetration Testers
Assessment: GIAC GPYC
3 Credit Hours

The ISE 6350 course teaches student in the pen testing specialization, and other students who want to use the Python programming language, how to enhance their overall effectiveness during information security engagements. Students will learn how to apply core programming concepts and techniques learned in other courses through the Python programming language. The course teaches skills and techniques that can enhance an information security professional in penetration tests, security operations, and special projects. Students will create simple Python-based tools to interact with network traffic, create custom executables, test and interact with databases and websites, and parse logs or sets of data.


ISE 6360: Advanced Network Penetration Testing  |  SEC 660, GXPN

SANS class: SEC 660 Advanced Penetration Testing, Exploits, and Ethical Hacking
Assessment: GIAC GXPN
3 Credit Hours

ISE 6360 builds upon ISE 6320 - Network Penetration Testing and Ethical Hacking. This advanced course introduces students to the most prominent and powerful attack vectors, allowing students to perform these attacks in a variety of hands-on scenarios.


Download the Penetration Testing & Ethical Hacking Certificate Program Briefing Document in .pdf format.

Within our broader mission to educate engineers in information security practices and techniques lies the specific need to develop individuals with deeper concentrations of capabilities in particular areas of the cybersecurity field. Just as physicians will choose sub-specialties or pilots specialize in particular aircraft types, the cybersecurity professional often requires the focused development of an integrated skillset to maximize his or her effectiveness within a sphere of knowledge.

The graduate certificate in Penetration Testing & Ethical Hacking serves to provide one such specialization in a sub-area of the information security field, and this progression of courses in penetration testing is made available just as they would be to a candidate for the master's degree in Information Security Engineering. Armed with a deep understanding of the offensive techniques used by malicious agents seeking to breach information security defenses, the professional who earns the Penetration Testing & Ethical Hacking post-baccalaureate certificate will be empowered to identify and help remediate these vulnerabilities.

Graduates of the Penetration Testing & Ethical Hacking post-baccalaureate certificate program will be able to:

  1. Conduct vulnerability scanning and exploitation of various systems and applications using a careful, documented methodology to provide explicit proof of the extent and nature of IT infrastructure risks, conducting these activities according to well-defined rules of engagement and a clear scope.
  2. Provide documentation of activities performed during testing, including all exploited vulnerabilities and how those vulnerabilities were combined into attacks to demonstrate business or institutional risk.
  3. Produce an estimated risk level for a given discovered flaw by using the amount of effort the team needed to expend in penetrating the information system as an indicator of the penetration resistance of the system.
  4. Provide actionable results with information about possible remediation measures for the successful attacks performed.

For additional, detailed technical goals for each course, please review the educational goals listed for each SANS class.

The following assessment methods will be utilized to determine if students meet the program learning outcomes:

  1. Standardized exams -
    1. Required:
      • GIAC Certified Incident Handler (GCIH) exam,
      • GIAC Web Application Penetration Testing (GWAPT) exam,
      • GIAC Penetration Tester (GPEN) exam;
    2. Elective Choice of:
      • GIAC Mobile Device Security Analyst (GMOB) exam,
      • GIAC Assessing and Auditing Wireless Networks (GAWN) exam,
      • GIAC Exploit Research and Advanced Penetration Tester (GXPN) exam.
  2. Simulation Experience - NetWars Continuous

Tuition for each course in a certificate program is $5,000, and all courses may be taken either live at a SANS event or online from home or work. Credit is earned only when a student enrolls first in a given certificate program and then registers for the appropriate graduate courses.

Admissions to the Penetration Testing & Ethical Hacking Certificate Program

To apply, please view the Admissions Page dedicated to the SANS Graduate Certificate Programs.