Training
Featured Course View All Courses
Get a Free Hour of SANS Training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
NEW - AI Security Training
Can't find what you are looking for?

Let us help.

Contact us
Free Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

Customer Case Studies

Discover how organizations and individual cyber practitioners use SANS training and GIAC certifications

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Group Purchasing
Group Purchasing

Offensive Operations, Penetration Testing, and Red Team Training Courses

Offensive Operations, Pen Testing and Red Teaming Training
Jump to:

Outsmart Hackers with Real-World Offensive Security Training Courses

As cyberthreats grow more sophisticated, it is critical to proactively identify and address vulnerabilities before adversaries exploit them. A SANS survey of ethical hackers found that nearly 60% can breach a corporate environment within five hours of identifying a weakness. SANS Offensive Operations delivers expert-led offensive security training courses across the entire attack surface, covering everything from penetration testing and red teaming to exploit development and hardware hacking. Through hands-on labs and industry-recognized certifications, we equip professionals to master real-world offensive techniques and adversarial tactics.

What is Offensive Security?

Offensive security is the practice of thinking and operating like a cyber attacker to uncover security gaps before they can be exploited. Rather than waiting for a breach to reveal weaknesses, offensive security professionals actively test systems, applications, networks, and devices to identify risks and improve defenses. This approach helps organizations better understand how real-world threats operate and where their security posture can be strengthened. Through SANS offensive operations training courses, you can learn the tools, methods, and mindset used by today's top cybersecurity professionals, gaining practical experience that can be applied immediately in real-world environments.

What You’ll Learn From Our Offensive Security Courses

Penetration Testing

Build offensive security training and penetration testing expertise using real-world tactics, tools, and methodologies to identify, exploit, and remediate security vulnerabilities while gaining hands-on experience with the techniques used by today's attackers and security professionals.

Red Teaming

Learn adversary emulation, stealth, and evasion techniques to test and improve an organization's security posture against persistent threats. Through red team certification training and practical offensive security scenarios, develop the skills needed to simulate advanced threat activity, bypass defensive controls, evaluate detection and response capabilities, and help organizations identify and address security gaps before they can be exploited.

Purple Teaming

Bridge the gap between offense and defense, to foster collaboration between red and blue teams and strengthen detection, response, and overall security resilience. Gain a deeper understanding of attacker behavior, improve threat hunting and incident response processes, and help security teams work together more effectively to identify weaknesses, validate defenses, and reduce organizational risk.

Student Insights

In one week, my instructor built a bridge from typical vulnerability scanning to the true art of penetration testing. Thank you, SANS, for making myself and my company much more capable in information security.
Mike DozierSavannah River Nuclear Solutions

Featured Offensive Security Courses

View All Courses
  • Slide 1 of 12

    SEC504: Hacker Tools, Techniques, and Incident Handling

    MAJOR UPDATES
    AI SKILLS
    Essentials
    SEC504Offensive Operations, Artificial Intelligence
    SEC504: Hacker Tools, Techniques, and Incident Handling
    • 6 Days (Instructor-Led)
    • 38 CPEs / 38 Hours (Self-Paced)
    • Labs: 44 Hands-On Labs

    View course detailsRegister
  • Slide 2 of 12

    SEC535: Offensive AI - Attack Tools and Techniques

    NEW
    AI-FOCUSED
    Intermediate
    SEC535Offensive Operations, Artificial Intelligence
    SEC535: Offensive AI - Attack Tools and Techniques
    • 3 Days (Instructor-Led)
    • 18 CPEs / 18 Hours (Self-Paced)
    • Labs: 14 Hands-On Labs

    View course detailsRegister
  • Slide 3 of 12

    SEC560: Enterprise Penetration Testing

    UPDATED
    Intermediate
    SEC560Offensive Operations
    SEC560: Enterprise Penetration Testing
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 30 Hands-On Labs

    View course detailsRegister
  • Slide 4 of 12

    SEC542: Web App Penetration Testing and Ethical Hacking

    MAJOR UPDATES
    Intermediate
    SEC542Offensive Operations
    SEC542: Web App Penetration Testing and Ethical Hacking
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 35 Hands-On Labs

    View course detailsRegister
  • Slide 5 of 12

    SEC565: Red Team Operations and Adversary Emulation

    UPDATED
    AI SKILLS
    Intermediate
    SEC565Offensive Operations, Artificial Intelligence
    SEC565: Red Team Operations and Adversary Emulation
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 28 Hands-On Labs

    View course detailsRegister
  • Slide 6 of 12

    SEC598: AI and Security Automation for Red, Blue, and Purple Teams

    AI-FOCUSED
    Intermediate
    SEC598Offensive Operations, Artificial Intelligence
    SEC598: AI and Security Automation for Red, Blue, and Purple Teams
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 25 Hands-On Labs

    View course detailsRegister
  • Slide 7 of 12

    SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking

    Advanced
    SEC660Offensive Operations
    SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking
    • 6 Days (Instructor-Led)
    • 46 CPEs / 46 Hours (Self-Paced)
    • Labs: 30 Hands-On Labs

    View course detailsRegister
  • Slide 8 of 12

    SEC588: Cloud Penetration Testing

    Intermediate
    SEC588Offensive Operations
    SEC588: Cloud Penetration Testing
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 24 Hands-On Labs

    View course detailsRegister
  • Slide 9 of 12

    SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses

    Intermediate
    SEC599Offensive Operations
    SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 25 Hands-On Labs

    View course detailsRegister
  • Slide 10 of 12

    SEC617: Wireless Penetration Testing and Ethical Hacking

    Advanced
    SEC617Offensive Operations
    SEC617: Wireless Penetration Testing and Ethical Hacking
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 20 Hands-On Labs

    View course detailsRegister
  • Slide 11 of 12

    SEC575: iOS and Android Application Security Analysis and Penetration Testing

    Intermediate
    SEC575Offensive Operations
    SEC575: iOS and Android Application Security Analysis and Penetration Testing
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 20 Hands-On Labs

    View course detailsRegister
  • Slide 12 of 12

    SEC670: Red Teaming Tools - Developing Windows Implants, Shellcode, Command and Control

    Advanced
    SEC670Offensive Operations
    SEC670: Red Teaming Tools - Developing Windows Implants, Shellcode, Command and Control
    • 6 Days (Instructor-Led)
    • 46 CPEs / 46 Hours (Self-Paced)
    • Labs: 27 Hands-On Labs

    View course detailsRegister
View All Courses

Meet Your Experts

Erik Van Buggenhout

Erik Van Buggenhout

Co-Founder and Partner at NVISO

Train with Erik Van Buggenhout, SANS instructor and NVISO co-founder, and develop hands-on skills in purple teaming, adversary emulation, and detection engineering to continuously improve detection, response, and real-world cyber defense.

Learn more
Chris Elgee

Chris Elgee

Builder and Breaker at Counter Hack; Cyber Warfare Officer in the Army National Guard

Chris Elgee, SANS instructor and GSE, brings real-world cyber operations into the classroom through immersive NetWars challenges and hands-on labs that teach students to think like attackers and defend with confidence.

Learn more
Moses Frost

Moses Frost

Solutions Consultant at Palo Alto Networks

Red team expert Moses Frost combines decades of offensive security experience with hands-on SANS training, helping students master cloud penetration testing and adversary simulation through real-world labs.

Learn more
Jean-François Maes

Jean-François Maes

CEO at Offensive Guardian

Jean-François is based in Portugal, where he is the CEO of Offensive Guardian, a boutique red and purple teaming shop providing freelance services to various organizations. He has worked for other noteworthy firms, including, but not limited to: Neuvik, TrustedSec, Fortra's Cobalt-Strike team, and NVISO.

Learn more
Jeff McJunkin

Jeff McJunkin

CEO at Rogue Valley Information Security

Jeff McJunkin brings decades of systems, network, and offensive security experience to SANS. Founder of Rogue Valley Information Security, he has led enterprise penetration tests, built Core NetWars experiences, and authored SEC580 while co-authoring SEC560.

Learn more
Larry Pesce

Larry Pesce

Vice President of Services at Finite State

Larry has revolutionized embedded device security with decades of hands-on offensive research, co-authoring SANS's flagship wireless and IoT penetration testing courses, and pioneering SBOM exploitation techniques for supply chain defense strategies.

Learn more

Explore Careers Within Offensive Operations

Red Teamer

Offensive OperationsExplore learning path

Purple Teamer

Offensive OperationsExplore learning path

Application Pen Tester

Offensive OperationsExplore learning path

Vulnerability Researcher & Exploit Developer

Offensive OperationsExplore learning path

The Offensive Operations Coins Backstory

SANS coins aren’t just given…they are earned. Discover the story behind these iconic Offensive Ops challenge coins, where Capture the Flag victories, custom artwork, and hidden puzzles come together in a collectible worth chasing.

Read More
Challenge Coins

Upcoming Events

Offensive Posters and Cheat Sheets

Jonathan ReiterGreg BaileyJoshua Wright

An Introduction to C for Windows

This poster is aimed at newer C developers coming from other operating systems and switching to Windows.

Poster and cheat sheet
Created ByJonathan Reiter
Jonathan Reiter
An Introduction to C for Windows
More Posters

Offensively Stealthy Coins

Offensive Operations coins are awarded to top performers in Capture the Flag challenges at the end of some courses. Each coin features unique artwork tied to its course and hides a cipher. When you collect 8 coins and decipher them all, you win the one coin… the One Coin to Rule Them All!

Learn More
Offensive Operations: SANS Penetration Testing

Frequently Asked Questions