<div style="margin:20px 0 0 200px"> To view the site, enable JavaScript by changing your browser options, then <a href="">Try Again</a>.</div>

Indian School of Ethical Hacking is the only OffSec Authorised Partner in Eastern India.

The OffSec Certified OSCP - OffSec Course (PEN-200) sets the industry standard by immersing learners in the world of ethical hacking. Dive into penetration testing methodologies, tools, and techniques in a hands-on, self-paced environment.

Completing this course and passing the exam will earn you the prestigious OffSec Certified Professional (OSCP) certification. This certification is highly respected, requiring holders to demonstrate their ability to successfully attack and penetrate various live machines in a secure lab environment.

The OSCP is renowned for its technical depth, making it stand out among other ethical hacking certifications. It's one of the select few that demands practical evidence of your penetration testing skills.

Ready to Become a Cybersecurity Pro with OSCP (PEN 200)?

OffSec Welcome to PEN 200: Penetration Testing with Kali Linux, exclusively offered by the Indian School of Ethical Hacking (ISOEH), the only OffSec authorized partner in Eastern India. This rigorous course is designed to transform beginners into proficient penetration testers through a detailed exploration of the ethical hacking landscape using Kali Linux, the premier tool for cybersecurity experts.

Course Overview

OffSec PEN 200 initiates such an in-depth journey where you will familiarize yourself with the course structure and our unique approach to learning. We prepare you from day one with the mindset and strategies essential for success in penetration testing. The course then progresses into specialized modules where hands-on skills are developed. Offensive Security Certified Professional (OSCP, also known as OffSec Certified Professional) is an Ethical Hacking global certification that teaches penetration testing methodologies and the use of the tools included with the Kali Linux distribution.

In this course, you will learn about Kali Linux Basics, Command Line and Bash Scripting, essential tools, Information Gathering, Vulnerability Scanning, Web Application Attacks, Client-Side Attacks, Finding and Fixing Public Exploits, File Transfers, Anti-Virus Bypass, Privilege Escalation, Password Attacks, Port Redirection and Tunnelling, Active Directory Attacks, Metasploit Framework, PowerShell Empire, Assembling the Pieces. You will be familiar with the term “Reconnaissance”. Let me introduce you to this word in a nutshell. Identifying the potential target within the environment is a critical part of the operations as the reconnaissance and network mapping process will provide insights about how big the network is or the number of the systems within the environment and then hunt for the vulnerable systems after being identified and evaluated. You will get to know about Password Spray attacks, Kerberoast attacks, AS-REProast attacks, Pass-The-Hash attacks (PTH) and many more. The more interesting topic is Active Directory (AD), which is a directory service for Windows domain networks environment created by Microsoft that contains critical information about the users, systems, or objects within the organization. This directory service has become a potential target going after by malicious threat actors during offensive operations. Port forwarding can be defined as the implementation of Network Address Translation to send requests to communicate from one IP address and port number to another when you are located outside the network. It transmits the traffic from the outside network to the local network.

Tunnelling can be defined as a protocol that lets secure passage of data from one network to another by allowing the communication of a private network to be sent across a public network, by making use of encapsulation. Tunnelling has proven to be highly beneficial as it lets an organization create their Virtual Private Network with the help of the public network and provides huge cost benefits for users on both ends.

Throughout this course, you will learn about how to find and exploit Linux vulnerabilities and misconfigurations to gain a root shell, web application assessment methodology, vulnerability scanning and many more exciting things with Practical guidance that will help you to grow as a cyber security professional in the Tech industry in 2024 and beyond.

Why Do OSCP Certification?

Elevate Your
OSCP Preparedness

Course Syllabus »

Gain exclusive access to recently retired
OSCP exam machines Practice
and refine your penetration testing techniques

Stay Ahead with the
Latest Tools

Learn from the Best and
Develop Your Adversarial Mindset

Jobs »
Duration

Duration

46 Hours – 2 classes per week

Eligibility

Eligibility

  1. Complete NPT1/ Get NPT1 Certification
  2. Complete WAPT1/ Get WAPT1 Certification
Course Fees

Course Fees

Class Room Training

Rs.2,20,000/-
Inclusive of all taxes and including exam and training fee and one mock OSCP exam

Online Training

Rs.2,50,000/-
Rs.2,20,000/-
Inclusive of all taxes and including exam and training fee and one mock OSCP exam

What You Will Get?

46 Hours
of in-depth training by the best cyber security experts

Industry-Designed Study Materials

OSCP
Certificate of Completion after examination and alumni status

Course Benefits:

  1. Cost effectiveness
  2. Industry accepted
  3. Global recognition

Course Details

  1. The duration of the course is 46 hours at 2 hours per week
  2. The course fee is Rs. 2,20,000/- for classroom and Rs. 2,50,000/- Rs. 2,20,000/- for online
  3. The curriculum is taught combining theory and practice
Module 1: Penetration Testing with Kali Linux: General Course Introduction Hours - 3 Topics
  • Welcome to PWK (Day 1)
  • How to Approach the Course (Day 1)
  • Summary of PWK Learning Modules (Day 1)
  • The Practice of Cybersecurity (Day 2)
  • Threats and Threat Actors (Day 2)
  • Threats and Threat Actors (Day 2)
  • The CIA Triad (Day 2)
  • Security Principles, Controls, and Strategies (Day 2)
  • Cybersecurity Laws, Regulations, Standards, and Frameworks (Day 2)
  • Career Opportunities in Cybersecurity (Day 2)
  • Learning Theory (Day 3)
  • Unique Challenges to Learning Technical Skills (Day 3)
  • OffSec Methodology (Day 3)
  • Case Study: chmod -x chmod (Day 3)
  • Tactics and Common Methods (Day 3)
  • Tactics and Common Methods (Day 3)
  • Advice and Suggestions on Exams (Day 3)
  • Practical Steps (Day 3)
  • Understanding Note-Taking (Day 4)
  • Understanding Note-Taking (Day 4)
  • Writing Effective Technical Penetration Testing Reports (Day 4)
  • The Penetration Testing Lifecycle (Day 5)
  • The Penetration Testing Lifecycle (Day 5)
  • Passive Information Gathering (Day 5)
  • Active Information Gathering (Day 5)
  • Vulnerability Scanning Theory (Day 6)
  • Vulnerability Scanning with Nessus (Day 6)
  • Vulnerability Scanning with Nessus (Day 6)
  • Vulnerability Scanning with Nmap (Day 6)
  • Web Application Assessment Methodology (Day 7)
  • Web Application Assessment Tools (Day 7)
  • Web Application Enumeration (Day 7)
  • Web Application Enumeration (Day 7)
  • Cross-Site Scripting (XSS) (Day 7)
  • Directory Traversal (Day 8)
  • File Inclusion Vulnerabilities (Day 8)
  • File Upload Vulnerabilities (Day 8)
  • File Upload Vulnerabilities (Day 8)
  • Command Injection (Day 8)
  • SQL Theory and Database Types (Day 9)
  • Manual SQL Exploitation (Day 9)
  • Manual and Automated Code Execution (Day 9)
  • Target Reconnaissance (Day 10)
  • Exploiting Microsoft Office (Day 10)
  • Abusing Windows Library Files (Day 10)
  • Getting Started (Day 11)
  • Online Exploit Resources (Day 11)
  • Offline Exploit Resources (Day 11)
  • Exploiting a Target (Day 11)
  • Fixing Memory Corruption Exploits (Day 12)
  • Fixing Web Exploits (Day 12)
  • Antivirus Evasion Software Key Components and Operations (Day 13)
  • AV Evasion in Practice (Day 13)
  • Attacking Network Services Logins (Day 14)
  • Password Cracking Fundamentals (Day 14)
  • Working with Password Hashes (Day 14)
  • Enumerating Windows (Day 15)
  • Leveraging Windows Services (Day 15)
  • Abusing other Windows Components (Day 15)
  • Enumerating Linux (Day 16)
  • Exposed Confidential Information (Day 16)
  • Insecure File Permissions (Day 16)
  • Insecure System Components (Day 16)
  • Insecure System Components (Day 16)
  • Port Forwarding with *NIX Tools (Day 17)
  • SSH Tunnelling (Day 17)
  • Port Forwarding with Windows Tools (Day 17)
  • Tunnelling Through Deep Packet Inspection (Day 18)
  • Getting Familiar with Metasploit (Day 19)
  • Using Metasploit Payloads (Day 19)
  • Performing Post-Exploitation with Metasploit (Day 19)
  • Automating Metasploit (Day 19)
  • Active Directory Manual Enumeration (Day 20)
  • Manual Enumeration Expanding our Repertoire (Day 20)
  • Active Directory Automated Enumeration (Day 20)
  • Understanding Active Directory Authentication (Day 20)
  • Performing Attacks on Active Directory Authentication (Day 20)
  • Active Directory Lateral Movement Techniques (Day 20)
  • Active Directory Persistence (Day 20)
  • Enumerating the Public Network (Day 20)
  • Attacking webserver (Day 20)
  • Gaining Access to the Internal Network (Day 20)
  • Enumerating the Internal Network (Day 20)
  • Attacking the Web Application on internal server (Day 20)
  • Gaining Access to the Domain Controller (Day 20)

Hacking Tutorials

Read All Tutorials »
Building a career in Digital Forensics - How promising is the future? A thorough career guide
Building a career in Digital Forensics - How promising is the future? A thorough career guide
Read Details »

Hacking Videos

Explore All Videos »
How to Hiding Your Secret File using Steganography?
View On Youtube »

Related Course


Enroll Now »

Enroll Now

Fields marked with * are mandatory.

Know Your Faculty
Sandeep Sengupta
Sandeep Sengupta
CISA, Certified Ethical Hacker, ISO 27001:2013 Lead Auditor, Lead Privacy auditor, GDPR Implementer

21 years of experience working in India, New Zealand & Singapore; in Information Security domain as Ethical Hacker, ISO 27001 Lead Auditor / Tutor, BS 10012 Privacy Lead Auditor, Mr. Sandeep Sengupta has conducted security audit in companies like ONGC, KPMG, PWC, Airtel, Vodafone, Accenture, Capgemini, Vedanta, PayU, Bandhan Bank, ABP, etc.

He has been invited as a speaker at FICCI, VIT (Vellore), Nasscom, CII, BCCI, ICAI, ISACA, FICCI, CeBIT, US High Commission (Kolkata), etc. He has taken part in several Television shows on ABP, ETV, NDTV, AajTak, Times Now, etc. In 2005, Sandeep founded the online community "Hackers Library"; which had 80,000+ members, making it the largest Indian online forum for cyber-security professionals at its time. Mr. Sengupta is the committee member at Nasscom (East) & CII ICT-East.

Gulab Mondal
Gulab Mondal
OSCE | CISSP | OSCP | CEH | OT/SCADA Security | IOT Security | VCISO | Consultant | Master's Digital Forensics

Starting as a Self-taught pentester, Gulab holds Certified Information Systems Security Professional(CISSP), Offensive Security Certified Expert(OSCE), Offensive Security Certified Professional(OSCP) & Certified Ethical Hacker(CEH) Certifications.

As a startup Director, Gulab has worked towards building a stable and reliable cybersecurity firm with remarkable growth.

Under Gulab's leadership, ISOAH has successfully increased the delivering value to the customer, resulting in 200% growth in the business compared to the last many years.

Gulab also acts as technical team lead for any Cyber Security project at ISOAH. ISOAH successfully delivered cyber Security projects for companies like TATA STEEL, BANDHAN BANK, VEDANTA, AMRI HOSPITALS, AMBUJA NEOTIA, ELECTRO STEEL, DIAMOND BEVERAGE, CESC, SRMB, OnProcess, RIVET HAMMER, GLOBSYN, BALCO, TATA Medical Center & many more.

Sagar Neogi
Sagar Neogi
MCA, OSCP, CRTP, CEH

Have an experience of 5 years in handling various VAPT projects including Web Applications, Android, IOS, Cloud, Source Code Reviews, Enterprise Network and Active Directory environments. Have also performed various security testing for AMAZON AWS.

Area of interest/expertise: Active Directory Penetration Testing and Hardening of Enterprise Network Security, OT/SCADA Penetration Testing and IOT/Hardware based hacking and penetration testing.

Kirit Sankar Gupta
Kirit Sankar Gupta
B. Tech (IT), OSCP, CEH 10.0, CHFI 9.0, ISO Certified Lead Security Incident Manager (ISO/IEC 27035), ISO Certified Lead Forensic Examiner (CLFE), CCNA, CCNP

A Penetration Tester with 6 years of experience, Kirit has the expertise in Mobile Application Pentesting Network, IoT Penetration Testing, Source-code review, Fuzzing, Red teaming, Social Engineering, Digital Forensics and Incident Response, Dev(Sec)Ops, Malware Analysis as well as SOC analysis. He has been acknowledged for reporting critical vulnerabilities to Uber, Apple, Flipkart, and MIT. Mr. Kirit Sankar Gupta is the member of Data Security Council of India (Kolkata).

Saumitra Biswas
Saumitra Biswas
M Tech - Computer Science, MSc (Statistics), GATE qualified

Mr. Saumitra Biswas is M.Tech in computer science from Netaji Subhash Engineering College, GATE qualified in computer science and a MSC in statistics from Kalyani University. He has 20 years of experience. His technical interests include Machine Learning, Neural Networks, Genetic Algorithms and Object Oriented Programming. He is skilled in C, C++, C#, Dotnet, Java, Python, Matlab, Unix, MS Windows XP, Windows 7, My SQL, Oracle, MS Access, HTML, XML, CSS and PHP. He take classes on AI & ML in ISOAH, as well as act as mentors to interns & project trainees.

Amrita Acharya
Amrita Acharya
M Tech in CSE, ISO 27001 Lead Auditor (IRCA/BSI)

After completion of her Master degree, she has worked with ISOAH as an intern for few years before joining full time as secuity analyst. She has been involved in internal audit, policy design, ISMS consultancy for more than 2 years. She is well versed in Kali Linux, Nmap, Metasploit, ITGC, ISO 27001 & COBIT framework. ISOAH clients she has provided active consultancy are CESC, Diadem, Lexplosion, Diamond Beverages, etc. As part of her hobby, she has been a professional model in her free time.

>
<

Job Prospects & Job Sources

Profiles that count for OSCP Certified Individuals include:

  • Penetration Testers: Break into computer systems, networks, or applications to find and fix vulnerabilities.
  • Ethical Hackers: Use hacking skills for good to identify and fix security vulnerabilities.
  • Information Security Consultant: Provide expert advice on security measures and solutions.
  • Security Testers: Evaluate the security of systems to identify vulnerabilities.
  • Security Analysts: Monitor computer networks for security threats or unauthorized users.
  • Security Engineers: Design and build secure systems and networks.
  • Network Server Administrators: Manage and maintain network servers and related systems.
  • Firewall Administrators: Manage and configure firewalls to protect networks from unauthorized access.
  • System Administrators: Manage and maintain computer systems and networks.
  • Risk Assessment Professionals: Identify and assess risks to an organization's information and assets.

The average salary of an OSCP-certified IT employee in India is Rs 18 lakhs annually.

FAQs

What competencies will you gain?
  • Learn to Identify Targets: Use information-gathering techniques to identify and enumerate targets running various operating systems and services.
  • Scripting Skills: Develop basic scripts and tools to aid in the penetration testing process.
  • Exploit Code Analysis: Analyze, correct, modify, cross-compile, and port public exploit code.
  • Attack Techniques: Conduct remote, local privilege escalation, and client-side attacks.
  • Web Application Security: Identify and exploit XSS, SQL injection, and file inclusion vulnerabilities in web applications.
  • Network Pivoting: Leverage tunnelling techniques to pivot between networks.
  • Problem-Solving Skills: Develop creative problem-solving and lateral thinking skills.
Is there any doubt clearing session?

7 days doubt clearing session.

Can I appear for a mock exam?

Yes, you can appear for a mock OSCP exam.

Member of:

NASSCOM
Data Security Council of India