ITIL® 4 Managing Professional Transition Module (MPT) Retires June 2022 | 30% OFF RRP On All Virtual Classroom Dates Learn more

Certified In The Art Of Hacking Training Course

Learn A Wealth Of Techniques To Compromise The Security Of Various Systems, Devices & Applications


Securing customer data is often crucial when deploying and managing web applications and network infrastructure. As such, IT Administrators and Web Developers require security knowledge and awareness in order to secure their environment. Due to this requirement, operational staff often require hands-on training and experience to identify, control and prevent organisational threats.

The five-day Certified In The Art Of Hacking training course brings together Infrastructure Security and Web Application Security and will teach you the fundamentals of hacking. This hands-on training course was written to address the market need around the world for a real hands-on, practical and hacking experience that focuses on what is really needed when conducting a penetration test.

The Certified In The Art Of Hacking training course will teach you a wealth of techniques to compromise the security of various operating systems, networking devices and web application components.

The Certified In The Art Of Hacking training course combines a formal hacking methodology with a variety of tools to teach the core principles of ethical hacking.

  • Approaches attackers take when targeting organisations
  • Conducting penetration testing engagements step by step and leveraging open source and publicly available tools to gain access to vulnerable systems
  • Understanding how to exploit your own network before attackers do

Please Note

You can book this course and hold it in credit until you have decided on a specific course date. Alternatively, please view our other course dates.
Exam Included
5 Days
£3475Excl. VAT

Course Outline

What Is Covered In The Certified In The Art Of Hacking Training Course?

Day 1

  • TCP/IP Basics
  • The Art of Port Scanning
  • Target Enumeration
    • Exercise - ARP Scan (Enumeration)
    • Exercise - Port Scanning (Service Enumeration)
  • Brute-Forcing
    • Exercise - SNMP (Brute Force Attack)
    • Exercise - SSH
    • Exercise - Postgres
  • Metasploit Basics
    • Exercise - Metasploit Basics

Day 2

  • Password Cracking
    • Exercise - Password Cracking
  • Hacking Unix systems
    • Exercise - Heartbleed
  • Hacking Application Servers on Unix
    • Exercise - Hacking Application Servers (Tomcat)
    • Exercise - Hacking Application Servers (Jenkins)
  • Hacking Third Party CMS Software
    • Exercise - PHP Serialization Exploit
    • Exercise - Wordpress Exploit

Day 3

  • Windows Enumeration
    • Exercise - Windows Host Enumeration
  • Client-Side Attacks
    • Exercise - Hacking Third Party Software
  • Hacking Application Servers on Windows
    • Exercise - Hacking Application Servers on Windows
  • Post Exploitation
    • Exercise - Windows Hacking - Password Extraction
  • Hacking Windows Domains
    • Exercise - Hacking Windows Domains

Day 4

  • Understanding the HTTP protocol
    • Exercise - Burp Demo
    • Exercise - Manipulating Headers
  • Information gathering
    • Exercise - Information Gathering
  • Username Enumeration & Faulty Password Reset
    • Exercise - Username Enumeration
    • Exercise - Password Brute-force Attack
    • Exercise - Forgotten Password Functionality
  • SSL/TLS related vulnerabilities
    • Exercise - TLS
  • Authorisation Bypasses
    • Exercise - Authorization Bypass via Parameter Manipulation
    • Exercise - Authorization Bypass
    • Exercise - Arbitrary File Download

Day 5

  • Cross Site Scripting (XSS)
    • Exercise - XSS (reflective)
    • Exercise - XSS Session Hijacking
    • Exercise - Stored XSS
  • Cross Site Request Forgery (CSRF)
    • Exercise - CSRF (Demo)
  • SQL Injection
    • Exercise - SQLite (Manual and slap based exploitation)
  • XML External Entity (XXE) Attacks
    • Exercise - XXE
  • Insecure File Uploads
    • Exercise - Insecure File Upload


Learning Outcomes

  • You will be able to discover and fingerprint systems and services available within their infrastructure
  • You will be able to discover and exploit Windows and Linux operating systems through a variety of well-known vulnerabilities
  • You will be able to conduct password brute force attacks to compromise services and gain access to a host
  • You will discover the techniques for hacking application servers and content management systems to gain access to customer data
  • You will be able to conduct client-side attacks and execute code on a victim’s machine
  • You will be able to identify common web application vulnerabilities and introduce security within their software development lifecycle in a practical manner

About the Course

  • The Art of Hacking (QATAOH) training course written and updated for 2019 and benefits from the latest vulnerabilities in current and future platforms /systems. E.g. we do not talk about hacking windows XP and 2003 servers (unlike CEH) but talk about circumventing controls in Modern OS such as Windows 2012 / 16 servers. High impact vulnerabilities such and or mass compromise vulnerabilities are taught in the class.
  • Unlike CEH, where the focus is to run a tool to achieve an objective that helps you to pass the exam, we focus on the underlying principles on which tools work and provide you with an understanding on what is the root cause of the vulnerability and how does the tool work to exploit it. We also talk about how the vulnerability should be mitigated.
  • In terms of reputation, this Certified In The Art Of Hacking training course remains one of the most popular class's at BlackHat and other major events. The course is written and taught by pen testers and the training is based on real-life pen testing experience. The Infrastructure component of the class is featuring this year at BlackHat Las Vegas.

Who Should Attend

The Certified In The Art Of Hacking training course is suitable for:

  • System Administrators who are interested in learning how to exploit Windows and Linux systems
  • Web Developers who want to find and exploit common web application vulnerabilities
  • Network Engineers who want to secure and defend their network infrastructure from malicious attacks
  • Security Enthusiasts new to the information security field who wants to learn the art of ethical hacking
  • Security Consultants looking to relearn and refresh their foundational knowledge

Materials Provided

The class benefits from a hands-on lab that is hosted in the NotSoSecure cloud. You will get your own dedicated Virtual Machines upon which you can practice each and every vulnerability in detail.

Organisational Benefits

It Can Protect Your Business From Data Breach Fines – The biggest advantage is that you can provide comprehensive protection from data breach fines being imposed on your business.

Protect Personal Info – One of the most valuable commodities in the digital age is personal information. If a cyber criminal is able to obtain personal information regarding your employees or customers, they are quite capable of selling that information on, or even using it to steal their money.

Allows Employees to Work Safely – Without the best cyber security systems for your business, you and your employees are constantly at risk from a potential cyber-attack. If your system, or even individual computers, become infected than that can really hamper their productivity and even force you to replace computers.

Inspire Confidence in Your Customers – If you can prove that your business is effectively protected against all kinds of cyber threats, then you can inspire trust in your customers and clients. They will then feel more confident when purchasing your products or making the most of your services.

Individual Benefits

Thinking Like A Hacker – The Certified In The Art Of Hacking course gives IT professionals a glimpse into the mindset of a typical hacker. The focus of an IT professional is always on keeping bad guys out and maintaining secure systems. Over time, many IT pros develop a reactionary mindset. Battling with the bad guys will always involve reacting to threats and events as they occur, but it’s far more valuable and powerful to understand how the bad guys think and to be able to anticipate their moves. By learning the hacker mindset, you’ll be able to take a more proactive approach and see beyond current security tools and policies to know where and how an attacker might try to gain access to your network.

Learning How Exploits Evolve – Besides demonstrating the hacker mindset, the Certified In The Art Of Hacking course also provides valuable insight into the entire life cycle of an exploit. For many security professionals, the way exploits evolve to take advantage of vulnerabilities is a mystery. While security pros are trained to prevent and respond to known vulnerabilities, little attention is paid to the life cycle of the exploit itself, from its conception to its destructive use in the real world. The level of insight gained by becoming Certified In The Art Of Hacking allows you to look at exploits and vulnerabilities objectively and to spot potential attack vectors and weaknesses before the hackers do.

Learning About Tools Of The Trade – Another overlooked benefit of the Certified In The Art Of Hacking certification is the amount of knowledge you can get regarding the tools of the hacker trade. Learning how malicious attackers use various tools allows you to better secure your networks, applications, and other assets.


The above requirements are not mandatory but are recommended due to the pace of the training course:

  • Basic familiarity with Windows and Linux systems e.g. how to view a system’s IP address, installing software, file management
  • Basic understanding of Network fundamentals e.g. IP addressing, knowledge of protocols such as ICMP, HTTP and DNS
  • Basic understanding of HTTP fundamentals e.g. Structure of an HTTP request, HTTP method verbs, HTTP response codes


There is no formal prereading for the Certified In The Art Of Hacking training course.

Exam Overview

The online proctored exam is taken in class on the final day of the training course.

  • Duration: 70 Minutes
  • Questions: 50 Multiple-Choice (4 Multiple Choice Answers - Only 1 Of Which Is Correct)
  • Pass Mark: 50%
  • Results: You Will Recieve Individual Emails To Access Your APMG Candidate Portal, Typically Available Two Weeks Post Exam

Exam Type

Proctored Exam

Professional Development Units - PDUs

There are no Professional Qualification Credits associated with the Certified In The Art Of Hacking course.


The Art Of Hacking Certificate

Next Steps

Our Certified Information Systems certificates have emerged as key qualifications for Security Professionals. More and more organisations are demanding experienced Information Security Professionals with the qualifications to prove that you can protect their valuable information and assets. It is the ideal time to achieve and maintain up to date qualifications. Purple Griffon currently offer the following Certified Information Systems classroom-based training courses:


The Certified In The Art Of Hacking training course starts from the very basic and builds up to the level where you can not only use the tools and techniques to hack various components involved in infrastructure and web hacking, but also gain solid understanding of the concepts on which these tools are based.

Certified In The Art Of Hacking Course Dates

Course Filter

DD/MM/YYY - e.g. 31/12/2015
Showing 1 to 4 of 4 Total Course Dates.
Course Date

Certified In The Art Of Hacking

Virtual Classroom
Course Date

Certified In The Art Of Hacking

Virtual Classroom
Course Date

Certified In The Art Of Hacking

Virtual Classroom
Course Date

Certified In The Art Of Hacking

Virtual Classroom
Scroll Table to View Content