Courses

Pathway to Pentesting

A new and flexible way to embark on a career as a pentester, with no upfront costs.

Register your interest

Course dates

  • April.  Please register your intest to receive course updates.

Introduction

Pathway to Pentesting is a brand-new course designed to address the challenges of students and career transitioners looking to embark on a career as a penetration tester.

We’ve turned the traditional training model on its head to offer a course that’s flexible and low risk, with no upfront cost.

This 12-week course is aligned to industry recognised professional qualifications, including CPSA, CRT and CSTM, and on successful completion, North Green will also help and support you in securing your first industry role.

Flexible to fit around you

Sessions will run at weekends and in the evenings, helping you to fit your training around your other commitments (perfect for students and career transitioners).

No upfront cost – and no % salary sacrifice

Payment is only due when you have secured a role or starting six months after the course ends, then it’s spread over 24 months at a fixed cost. 

Optional qualifications

The course is aligned to CPSA, CRT and CSTM – but the choice of whether, which and when to sit exams is totally up to you. But rest assured, you will have the knowledge and support to smash these exams when you do take them.

Help finding your first job

Our support doesn’t stop when you complete the course. Instead, we’ll use our experience and network to help you find your first role in the industry.

Access to your own lab environment

To help you continue your learning journey, you’ll also benefit from lifelong access to your own self-hosted lab environments, that can grow and expand with your skills.

Who is the course for?

Those looking to explore a career in penetration testing, without the upfront cost or risk, including:

  • Career transitioners
  • Students
Register your interest

Course Modules and Outline

Week 1: Foundations in Pentesting and Linux

  • Introduction to pentesting roles, methodology, and lifestyle.
  • Overview of UK pentesting laws and ethical guidelines.
  • Hands-on introduction to Linux, using Kali Linux.

Week 2: Networking Basics

  • Understand network communication: OSI, TCP/IP, DNS, and ports.
  • Configure IP addresses, subnets, and automate DNS lookups.

Weeks 3–4: Infrastructure Testing

  • Host discovery, port scanning, and vulnerability assessment with tools like Nmap and Nessus.
  • Exploitation basics with Metasploit and post-exploitation techniques for Linux and Windows.

Week 5: Privilege Escalation and Desktop Breakout

  • Learn privilege escalation techniques for Linux and Windows systems.
  • Understand the differences in attack approaches between platforms.
  • Learn how to break out of locked down windows desktop environments.

Week 6: Active Directory (AD) Testing

  • Explore AD enumeration, Kerberoasting, and lateral movement techniques.
  • Hands-on practice with tools like Mimikatz and PsExec.

Weeks 7–8: Web Application Testing

  • Delve into OWASP Top 10 vulnerabilities (e.g. SQLi, XSS, IDOR).
  • Exploit web vulnerabilities with Burp Suite and manual testing techniques.
  • Desktop breakout tactics and scripting for lateral movement.

Week 9: Security Testing Processes

  • Advanced testing topics: social engineering, APIs, IoT, and firewalls.
  • Understand client engagements and the importance of soft skills
  • Understand the importance of scoping and reporting within the pentesting process

Weeks 10–11: Capstone Project

  • Conduct a full penetration test. This includes scoping, testing, and reporting.
  • Receive mentorship during your final project, simulating a real-world scenario.

Week 12: Career Guidance

  • Build your CV, ace interviews, and explore pentesting job opportunities.
  • Participate in open discussions to solidify knowledge and network with peers.
  • Review any topics, skills or techniques that you want to develop further.

Key Features

  • Real-world tools: Kali Linux, Metasploit, Burp Suite, Nessus.
  • In-depth coverage of modern threats and testing strategies.
  • Final pentest project with personalised feedback.
  • Career preparation to secure your first pentesting role.

Your questions answered

When and how is the training structured?
Pathway to Pentesting is a 12-week course with remote, instructor led training sessions.  These take place on a Thursday, between 19:00 and 21:00, and on a Saturday, from 09:00 to 17:00.

There is also dedicated Teams channel where students can post questions, discuss course content or topics and gain additional support.

Do I need to commit to any additional study hours, outside of the training sessions?
Whilst the majority of the course will be covered during the structured training sessions, we would suggest you also allow a small amount of time, around two hours per week, for related self study.
What kind of setup or kit do I need?
You will need access to a computer that ideally has 16GB of RAM, so that you can host the lab environment that we will use. You will also need roughly 100GB storage available on your hard drive and have the ability to install software.
Do I need prior knowledge of pentesting or a high level of technical skills?
Pathway to Pentesting is designed to take you through the necessary skills that you will need to embark on a career as a penetration tester. Whilst you will not need to have any previous pentesting experience, there are certain skills and base technical knowledge that will be beneficial.

We have created a pre-training checklist (link to document), as well as a pre-course technical knowledge e-book, complete with assets and resources to bring you up to speed with any technical skills you will need. So, if this is new to you, don’t worry! We will make sure you have everything you need to excel.

What is the cost of the course?
The cost is then payable at fixed fee of £250 per month, spread over 24 months. Making it simple to budget – and unlike a traditional salary sacrifice scheme, there’s no increase on payments when you receive promotions/pay rises
Will I gain any practical experience?
The course will cover both fundamental skills and knowledge as well as their application, through real life scenarios. You will learn how to conduct a security assessment of networks and websites using a range of tools and techniques, in a custom lab experience. The course will culminate with a formal pentest, after which you will also produce and present a ‘client’ report.
Will I be sitting any professional exams?
The syllabus for Pathway to Pentesting is aligned to prepare you for CPSA (CREST Practitioner Security Analyst), CRT (CREST Registered Penetration Tester) and CSTM (Cyber Scheme Team Member)certifications.

However, these certifications are not mandatory or integral to successful completion of the course – instead, you can choose whether or when you wish to undertake any professional examinations or make your choices depending on the preferred qualifications of your future employer.

If you are just starting your pentesting career, rest assured that while qualifications can be helpful and make you stand out, many companies will fund exam attempts, and even additional study, if they require you to hold specific qualifications.

Why Choose this Course
North Green Security is a leading provider of cyber security training and consultancy. Our core courses are designed to support individuals working towards CREST or Cyber Scheme qualifications and are both written and delivered by practicing pentesters, equipped with advanced industry qualifications and experience, we are able to guide professionals at different stages of their careers.

In addition, we develop and deliver bespoke training and courses for both the public and private sector, in the UK and internationally.

We are a CREST Approved Training Provider and in 2024 and were shortlisted as a finalist in the Best Cyber Training Provider category of the Real Cyber Awards.
Please don’t hesitate to contact us if you would like references or testimonials.

Why North Green Security

With over 15 years’ experience in the cyber security industry, the North Green Security training team is able to bring real world scenarios into the classroom. Our training team are highly skilled and have achieved CHECK Team Leader Infrastructure & Application qualifications themselves. By ensuring our trainers are still responsible for delivering security engagements for clients, our training is constantly adapted to reflect the ever-changing landscape of the cyber security industry.

We have a real passion for our subject and genuinely care that candidates understand what they are learning. We provide a community feel that enables candidates to feel at ease and we promote an environment where any questions can be asked and will be answered.

Register your interest

Affiliated with:

cyber essentials plus
cyber essentials plus
cyber essentials plus
cyber essentials plus