SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking

SEC660 (Offensive Operations)
  • 6 Days (Instructor-Led)
  • 46 Hours (Self-Paced)
Course created by:
James Shewmaker & Stephen Sims
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
  • 46 CPEs

    Apply your credits to renew your certifications

  • In-Person, Virtual or Self-Paced

    Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months

  • 30 Hands-On Labs

    Apply what you learn with hands-on exercises and labs

Learn advanced penetration testing skills to develop custom exploits, perform network attacks, analyze cryptographic implementations, and master advanced exploitation techniques.

Course Overview

Learn advanced penetration testing skills and explore sophisticated attack vectors and exploit development. This course spans network infrastructure attacks, cryptographic implementation testing, advanced post-exploitation techniques, and custom exploit writing for both Windows and Linux environments. Hands-on labs provide practical experience with fuzzing, return-oriented programming, exploit mitigation bypasses, and real-world application exploitation.

What You’ll Learn

  • Advanced network attack methodologies
  • Custom exploit development techniques
  • Exploit mitigation bypass strategies
  • Modern fuzzing implementations
  • Post-exploitation advancement tactics
  • Return-oriented programming mastery
  • Cryptographic weakness assessment

Business Takeaways

  • Enhanced threat detection capabilities
  • Improved security control validation
  • Reduced enterprise attack surface
  • Advanced risk assessment accuracy
  • Stronger application security testing

Course Syllabus

Explore the course syllabus below to view the full range of topics covered in SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking.

Section 1: Network Attacks for Penetration Testers

Network infrastructure in cloud environments presents unique attack vectors. In the first section, security professionals explore access manipulation, protocol exploitation, and device compromise across IPv4 and IPv6. Modern cloud setups integrate legacy components, making these skills crucial for comprehensive security testing.

Topics covered

  • Network access control evasion
  • Custom protocol manipulation methods
  • Advanced IPv6 security implications
  • TLS/SSL security considerations
  • OSPF routing attack vectors

Labs

  • Captive Portal Bypass
  • Credential Theft
  • IPv6 Attacks
  • HTTP Tampering
  • Router Attacks

Section 2: Crypto and Post-Exploitation

In this section, security professionals explore cryptographic exploitation and post-compromise techniques in cloud environments. Topics include cipher operations, implementation flaws, privilege escalation, and lateral movement. PowerShell plays a key role in both attack and defense, especially in hybrid clouds.

Topics covered

  • Cryptographic implementation testing
  • CBC vulnerability exploitation
  • Hash-length extension attacks
  • PowerShell offensive capabilities
  • Software restriction bypasses

Labs

  • Detecting Cryptography Implementations
  • CBC Bitflipping Attacks
  • Hash Extension Attacks
  • Kiosk Escape
  • Client-side Post Exploitation

Section 3: Product Security Testing, Fuzzing, and Code Coverage

In section three, security professionals analyze cloud-native products, focusing on supply chain security, protocol manipulation, and fuzzing. Topics include custom fuzzing grammars, network protocols, file formats, and code coverage analysis for testing effectiveness.

Topics covered

  • Protocol state manipulation
  • Automated fuzzing optimization
  • Binary analysis fundamentals
  • Code coverage measurement
  • Wireless data leakage testing

Labs

  • Custom packet manipulation
  • Framework-based fuzzing
  • Binary instrumentation techniques
  • Source code analysis methods
  • AFL++ implementation strategies

Section 4: Exploiting Linux for Penetration Testers

Linux exploitation is crucial in cloud security. In this section, professionals explore memory management, privilege escalation, SUID exploits, and advanced bypass techniques like ROP and ASLR evasion.

Topics covered

  • Stack memory management
  • Symbol resolution methods
  • Code execution redirection
  • Stack protection defeat
  • Return-oriented programming

Labs

  • Linux buffer overflow exploitation
  • Return-to-libc implementation
  • Stack canary analysis
  • ASLR bypass techniques
  • 64-bit binary exploitation

Section 5: Exploiting Windows for Penetration Testers

Windows systems remain prevalent in hybrid cloud environments, necessitating deep understanding of Windows-specific security features. In this section, practitioners examine process structures, exception handling, and API interactions. Content covers stack-based attacks, DEP bypass, and ROP chains, with special attention given to client-side exploitation.

Topics covered

  • Windows OS protection analysis
  • Stack exploitation fundamentals
  • ROP chain construction
  • Client-side attack vectors
  • Shellcode development

Labs

  • Windows 11 vulnerability analysis
  • SafeSEH bypass implementation
  • ROP chain development
  • DEP mitigation techniques
  • Commercial application testing

Section 6: Capture The Flag!

A comprehensive challenge environment integrates cloud and traditional infrastructure components. Students face escalating difficulties across Linux and Windows systems, network infrastructure, and cloud services. The scoring system provides immediate feedback on successful exploitation, with point values reflecting real-world complexity and impact.

Topics covered

  • Multi-vector attack planning
  • Escalation path identification
  • Network attack implementation
  • System compromise techniques
  • Post-exploitation methods

Labs

  • Local privilege escalation
  • Remote system exploitation
  • Network infrastructure attacks
  • Protocol manipulation scenarios
  • Cross-platform attack chains

Things You Need To Know

Relevant Job Roles

Exploitation Analyst (DCWF 121)

DoD 8140: Cyber Effects

Collaborates to identify access and collection gaps using cyber resources and techniques to penetrate target networks and support mission operations.

Cyber Operations Planner (DCWF 332)

DoD 8140: Cyber Effects

Coordinates cyber operations plans, working with analysts and operators to support targeting and synchronization of actions in cyberspace.

Course Schedule & Pricing

  • Virtual (OnDemand)

    Instructed by Barrett Darnell
    Date & Time: OnDemand (Anytime), Self-Paced, 4 months access
    Course price: $8,780 USD*

  • Amsterdam, NL & Virtual (live)

    Instructed by Michiel Lemmens
    Course price: €8,230 EUR*

  • Las Vegas, NV, US & Virtual (live)

    Instructed by Stephen Sims
    Course price: $8,780 USD*

  • Singapore, SG & Virtual (live)

    Instructed by James Shewmaker
    Course price: $8,900 USD*

  • Munich, DE

    Instructed by Michiel Lemmens
    Course price: €8,230 EUR*

  • San Diego, CA, US & Virtual (live)

    Instructed by Douglas McKee
    Course price: $8,780 USD*

  • Tokyo, JP & Virtual (live)

    Instructed by James Shewmaker
    Course price: ¥1,335,000 JPY*

  • Washington, DC, US & Virtual (live)

    Instructed by Stephen Sims
    Course price: $8,780 USD*

*Prices exclude applicable local taxes
Benefits of Learning with SANS

Get feedback from the world’s best cybersecurity experts and instructors

Choose how you want to learn - online, on demand, or at our live in-person training events

Get access to our range of industry-leading courses and resources