SEC504: Hacker Tools, Techniques, and Incident Handling

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsApply your credits to renew your certifications
Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months
Apply what you learn with hands-on exercises and labs
Learn Python in depth and gain essential skills for customizing and developing your own information security tools.
I have had a few Python courses in the past in school, but I am already learning new things and ways to find new information on Day 1.
Are you ready to embrace the AI revolution or cloud automation and tackle the dynamic challenges of today’s cybersecurity landscape? The skill you need is PYTHON. Want to harness massive data streams for real-time threat detection, leverage data science to uncover hidden attack patterns, or build custom tools to outpace adversaries? From AI-driven anomaly detection to advanced data analytics, Python is the backbone of modern infosec, data science, machine learning, and automation. Do you need to hunt attackers in cloud environments, analyzing forensic artifacts, or developing penetration testing exploits? Without Python your options are limited.
Python for cyber security is the must-have skill for defending modern networks. Python equips you to stay ahead in a world where threats evolve faster than ever. And SEC573 gives you just what you need to get started. Have you ever wondered why so many SANS courses include a crash course in Python? It’s because you can’t finish the labs and master those essential skills without it.
When you’re ready to stop treating Python as optional—and start wielding it as your infosec superpower—you’re ready for SEC573. This course also prepares you for the GPYC certification (GIAC Python Coder), which validates your ability to apply Python to solve real-world cybersecurity problems.
Mark Baggett has revolutionized cybersecurity through his leadership at SANS. His development of tools like Freq Server has strengthened threat detection, while his work in automation has empowered professionals to defend against evolving threats.
Read more about Mark BaggettExplore the course syllabus below to view the full range of topics covered in SEC573: Automating Information Security with Python.
The course launches with a fast-paced Python intro and the pyWars lab environment, backed by more than 100 hands-on labs. Beginners master the fundamentals, while advanced students dive into bonus challenges. You'll gain the skills to build Python tools for AI, cloud, pen testing, network defense, and beyond—no filler, just what gets results.
This section strengthens your core Python skills with hands-on labs on essential data structures like lists and dictionaries, managing isolated environments with venv, and mastering advanced debugging in VS Code. These skills are foundational across many fields, from software development to cybersecurity and data science.
In the role of a network defender, you’ll analyze logs and packet captures to identify indicators of compromise. You’ll develop scripts for continuous monitoring and master file handling, data analysis and working with network packets—fundamental skills for threat detection, incident response, and broader security operations.
In this forensics-themed section, you’ll develop the skills to manually extract and analyze digital artifacts in the absence of automated tools. You'll work with embedded data in disk images, SQL databases, and web content, and extract critical metadata—capabilities essential across incident response, threat hunting, and investigative roles.
In this offensive-themed section, you’ll build a custom remote access agent to bypass defenses when standard tools fail. Skills like process interaction, error handling, and TCP communication, while offensive in context, are essential across many cybersecurity roles.
The Capstone section challenges students to apply their skills in real-world scenarios—exploiting systems, analyzing packets, parsing logs, automating tasks, and interacting with websites. Live students compete as teams, while OnDemand students tackle challenges independently, with expert support available when needed.
This expert applies digital forensic skills to a plethora of media that encompass an investigation. The practice of being a digital forensic examiner requires several skill sets, including evidence collection, computer, smartphone, cloud, and network forensics, and an investigative mindset. These experts analyze compromised systems or digital media involved in an investigation that can be used to determine what really happened. Digital media contain footprints that physical forensic data and the crime scene may not include.
Explore learning pathThis job, which may have varying titles depending on the organization, is often characterized by the breadth of tasks and knowledge required. The all-around defender and Blue Teamer is the person who may be a primary security contact for a small organization, and must deal with engineering and architecture, incident triage and response, security tool administration and more.
Explore learning pathAdd a GIAC certification attempt and receive free two practice tests. View pricing in the info icons below.
When purchasing a live instructor-led class, add an additional 4 months of online access after your course. View pricing in the info icons below.
Python is a tool required in the world of InfoSec, and SEC573 helped me build that tool belt.
Very well put together. I have been afraid of learning how to code for years. Within the first days' worth of material my mind has been put at ease.
SEC573 is excellent. I went from having almost no Python coding ability to being able to write functional and useful programs.
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources