homepage
Open menu
Contact Sales

SANS Offensive Operations Training & Certifications

Penetration Testing | Red Team | Purple Team | Exploit Development
Courses & Certifications Resources & Tools
News & UpdatesCoursesFeatured EventCertificationsInstructorsSlingshotSANS.edu ProgramFree ResourcesAbout

Latest Offensive Operations News & Updates

400x460_Network-Security-2023_30TH.jpg
Event
30th Anniversary Tap Takeover by Offensive Ops
Brace yourself for a thrilling experience at SANS Network Security! A reception party will kick us off for the week with tons of bonus sessions, Coin-A-Palooza, and our Offensive Ops CTF, including your chance to win a FREE SANS course. Click through for full event details...
Learn More
OO_Beta_Course_Page_Graphics4.jpg OO_Beta_Course_Page_Graphics4.jpg
new
Course
SEC598: Security Automation for Offense, Defense, and Cloud
SEC598: Security Automation for Offense, Defense, and Cloud will equip you with the expertise to apply automated solutions to prevent, detect, and respond to security incidents. Students first train to understand the concept of automation, then learn how existing technologies can be best leveraged to build automation stories that translate repeatable problems to automated scripts.
read more
SEC565-blacknickel-front_470x382.png

SEC565: Red Team Operations and Adversary Emulation

Offense informs defense and defense informs offense. SEC565 develops Red Team operators capable of planning and executing consistent and repeatable engagements that are focused on training and measuring the effectiveness of people, processes, and technology. This is the most comprehensive hands-on Red Team training available anywhere.

Learn More

Featured Offensive Operations Courses & Certifications

Beta
Offensive Operations
SEC598: Security Automation for Offense, Defense, and Cloud
SEC598: Security Automation for Offense, Defense, and Cloud will equip you with the expertise to apply automated solutions to prevent, detect, and respond to security incidents. Students first train to understand the concept of automation, then learn how existing technologies can be best leveraged...
Course Details
New
Offensive Operations
SEC568: Combating Supply Chain Attacks with Product Security Testing
Think Red, Act Blue - Attackers are using new methods of compromising software supply chains that bypass traditional security controls across multiple attack surfaces. SEC568 offers comprehensive training, equipping you with the technical expertise to conduct precise product security assessments...
Course Details
New
Offensive Operations
SEC670: Red Teaming Tools - Developing Windows Implants, Shellcode, Command and Control
SEC670 prepares you to create custom-compiled programs specifically for Windows and introduces students to techniques that real nation-state malware authors are currently using. You will learn the essential building blocks for developing custom offensive tools through required programming, APIs...
Course Details
New
Offensive Operations
SEC565: Red Team Operations and Adversary Emulation
Develop and improve Red Team operations for security controls in SEC565 through adversary emulation, cyber threat intelligence, Red Team tradecraft, and engagement planning. Learn how to execute consistent and repeatable Red Team engagements that are focused on the effectiveness of the people,...
Course Details
Cloud Security, Offensive Operations
SEC588: Cloud Penetration Testing
SEC588 will equip you with the latest cloud-focused penetration testing techniques and teach you how to assess cloud environments. The course dives into topics like cloud-based microservices, in-memory data stores, serverless functions, Kubernetes meshes, and containers. It also looks at how to...
Certification:

  • GCPN

Course Details
New
Offensive Operations, Penetration Testing and Red Teaming
SEC661: ARM Exploit Development
SEC661 is designed to break down the complexity of exploit development and the difficulties with analyzing software that runs on IoT devices. Students will learn how to interact with software running in ARM environments and write custom exploits against known IoT vulnerabilities.
Course Details
New
Offensive Operations
SEC556: IoT Penetration Testing
SEC556 facilitates examining the entire IoT ecosystem, helping you build the vital skills needed to identify, assess, and exploit basic and complex security mechanisms in IoT devices. This course gives you tools and hands-on techniques necessary to evaluate the ever-expanding IoT attack surface.
Course Details
New
Offensive Operations
SEC554: Blockchain and Smart Contract Security
SEC554 will teach you all topics relevant to securing, hacking, and using blockchain and smart contract technology. The course takes a detailed look at the technology that underpins multiple implementations of blockchain, the cryptography and transactions behind them, the various smart contract...
Course Details
    See All Offensive Operations Courses & Certifications

    Network Security 30th Anniversary Powered by Offensive Operations

    Prepare for an electrifying 30th anniversary celebration of SANS Network Security! Get ready for cutting-edge training, tons of bonus sessions and keynotes, immersive CTFs, and epic receptions hosted by the SANS Offensive Operations team. Brace yourself for a thrilling experience and join us in Vegas! Las Vegas, NV, US and Virtual - PT Wed, Sep 6 - Mon, Sep 11, 2023
    Register Now

    HackFest Goes To Hollywood!

    HackFest 2023 will be like no other SANS event. We're completely reimagining the most offensive event of the year and, you read that right, we're moving to Hollywood. No courses at the event, just 2 days packed with villages, new talks, challenges, and special engagements around tinseltown. Remember, if you obey all the rules, you miss all the fun. Hollywood, CA, US and Virtual - PT Thu, Nov 16 - Fri, Nov 17, 2023
    Register Now
    Landing_Page_Cert.jpg

    Offensive Operations Certifications

    GIAC's offensive operations certifications cover critical domains and highly specialized usages, ensuring professionals are well-versed in essential offensive abilities. GIAC certifications prove that you have the knowledge and skills necessary to work across specialized red, purple, and exploit development teams.

    Learn More

    The Most Offensive Faculty on The Planet

    "The SANS family of Instructors bring an incredible amount of worldwide, real-time practical experience into the classroom and have both a passion and a gift for helping students master complex subject matter. They are true leaders in the information security space." – Stephen Sims, Curriculum Lead
    View All Instructors Become an Instructor
    Offensive Operations: Slingshot

    Slingshot Linux Distribution

    Ubuntu-based Linux distribution with the MATE Desktop Environment built for use in the SANS Offensive Operations courses and for the community. Designed to be stable, reliable and lean, Slingshot is built with Vagrant and Ansible, and includes many standard pen testing tools.

    Download Slingshot
    Graduate Certificate Program in Pen Testing & Ethical Hacking

    Graduate Certificate Program in Pen Testing & Ethical Hacking

    Designed for working InfoSec and IT professionals to learn how to conduct vulnerability scanning and exploitation of various systems, provide documentation and reporting of activities performed, produce estimated risk, and provide actionable results for organizations of all sizes. The certificate includes:

    • Highly technical 13-credit-hour program
    • 4 industry-recognized GIAC certifications
    • SANS's in-depth offensive simulation capstone for real-world testing, Jupiter Rockets
    Learn More

    More Free Offensive Operations Resources

    About Offensive Operations

    SANS Offensive Operations leverages the vast experience of our esteemed faculty to produce the most thorough, cutting-edge offensive cyber security training content in the world. Our goal is to continually broaden the scope of our offensive-related course offerings to cover every possible attack vector.

    SANS Offensive Operations Curriculum offers courses spanning topics ranging from introductory penetration testing and hardware hacking, all the way to advanced exploit writing and red teaming, as well as specialized training such as purple teaming, wireless or mobile device security, and more.

    GIAC offensive operations certifications cover critical domains and highly specialized usages, ensuring professionals have the knowledge and skills necessary to work in security roles requiring hands-on experience in specific focus areas like, penetration testing, purple teaming, or exploit development. It's important for organizations and practitioners to have a training provider who covers the attack surface of the entire threat landscape, from authors and instructors who are leaders in those respective areas.