GIAC - Firebrand's training for GIAC's Penetration Tester | GPEN



Only 5 Days



Classroom / Online / Hybrid

Next date

Next date:

7/2/2022 (Monday)


On this accelerated Firebrand course, you'll learn how to assess target networks and systems to find security vulnerabilities and sit the exam to get GIAC GPEN certified in just five days. New threats arise daily – with the GPEN course you’ll learn to defend your business by developing the skills to locate and mitigate IT security vulnerabilities, before they can be exploited.

Attack is the best form of defence - with GPEN you'll learn how to protect your business and achieve one of the most recognised penetration testing certifications in just five days. You’ll study penetration testing methodologies, legal issues and how to correctly conduct a real penetration test.

Hack your own organisation with GPEN

As well as studying the best practice techniques specific to penetration testing, you’ll also learn:

  • How to perform password attacks
  • Limitations and benefits of command shell access
  • Exploitation fundamentals
  • Web application probing and attacks
  • Target & vulnerability scanning

This Firebrand course prepares you for the GIAC Penetration Tester (GPEN) exam.

This course provides knowledge equivalent to the SANS SEC560: Network Penetration Testing and Ethical Hacking.

Seven reasons why you should sit your course with Firebrand Training

  1. Two options of training. Choose between residential classroom-based, or online GPEN courses
  2. You'll be GPEN certified in just 5 days. With us, you’ll be GPEN trained in record time
  3. Our GPEN course is all-inclusive. A one-off fee covers all course materials, exams, accommodation and meals. No hidden extras
  4. Pass GPEN first time or train again for free. This is our guarantee. We’re confident you’ll pass your course first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
  5. You’ll learn more. A day with a traditional training provider generally runs from 9am – 5pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day quality learning time, with your instructor
  6. You’ll learn GPEN faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
  7. You’ll be studying GPEN with the best. We’ve been named in Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified 111,290 professionals, and we’re partners with all of the big names in the business


Please Note

  • Examination vouchers not included for GIAC, CREST and CISSP CBK Review
  • On site testing not included for GIAC, CREST or ITIL Managers and Revision Certification Courses

Benefits of Training with Firebrand

  • Two options of training - Residential classroom-based, or online courses
  • A purpose-built training centre – get access to dedicated Pearson VUE Select facilities.
  • Certification Guarantee – pass first time or train again free (just pay for accommodation, exams and incidental costs)
  • Everything you need to certify – you’ll sit your exam at the earliest available opportunity after the course - either immediately after your classroom course, or as soon as there are slots available, if you've taken it online
  • No hidden extras – one cost covers everything you need to certify


Advanced Password Attacks

Use additional methods to attack password hashes and authenticate.

Attacking Password Hashes

Obtain and attack password hashes and other password representations.

Command Shell vs. Terminal Access

Learn the benefits, limitations, and distinguishing characteristics of command shell and terminal access.

Enumerating Users

Enumerate users through different methods.

Exploitation Fundamentals

Demonstrate the fundamental concepts associated with the exploitation phase of a pentest.

General Web Application Probing

Use tools and proxies to understand and exploit web application weaknesses.

Initial Target Scanning

Conduct port, operating system and service version scans and analyse the results.


Use and configure the Metasploit Framework at an intermediate level.

Moving Files with Exploits

Use exploits to move files between remote systems.

Password Attacks

Understand types of password attacks, formats, defenses, and the circumstances under which to use each password attack variation. You will be able to conduct password guessing attacks.

Pen-testing Foundations

Demonstrate the fundamental concepts associated with pen-testing.

Pen-testing Process

Utilise a process-oriented approach to pentesting and reporting.

Pen-Testing via the Command Line

Use advanced Windows command line skills during a pen test.


Understand the fundamental concepts of reconnaissance and will understand how to obtain basic, high level information about the target organisation and network, often considered information leakage, including but not limited to technical and non technical public contacts, IP address ranges, document formats, and supported systems.

Scanning for Targets

Use the appropriate technique to scan a network for potential targets.

Vulnerability Scanning

Conduct vulnerability scans and analyse the results.

Web Application Attacks

Utilise common web application attacks.

Wireless Crypto and Client Attacks

Utilise wireless cryptographic and client attacks including but not limited to hijacking and key attacks.

Wireless Fundamentals

Understand the fundamental concepts associated with wireless networks.

Exam Track

This course will prepare you for the following exam. The exam fee is not included in the course price. If you wish to take the exam, we’ll provide instructions on how to register with GIAC.

  • GIAC Penetration Tester (GPEN)
    • 115 questions
    • 3 hour time limit
    • 74% minimum passing score

You will be required to renew your GPEN certification every four years through Continuing Professional Experience (CPE) credits.

What's Included


  • Official Firebrand courseware

Your accelerated course includes:

  • Accommodation *
  • Meals, unlimited snacks, beverages, tea and coffee *
  • On-site exams **
  • Exam vouchers **
  • Practice tests **
  • Certification Guarantee ***
  • Courseware
  • Up-to 12 hours of instructor-led training each day
  • 24-hour lab access
  • Digital courseware **
  • * For residential training only. Doesn't apply for online courses
  • ** Some exceptions apply. Please refer to the Exam Track or speak with our experts
  • *** Pass first time or train again free (just pay for accommodation, exams and incidental costs)


In order to be successful on this course, it is recommended you have:

  • basic computer networking and security principles
  • previous experience in setting up virtual machines
  • A basic understanding of Python and Powershell
  • basic Linux knowledge including:
    • directory transversal
    • file manipulation using utilities
    • how to find details of processes
    • how to find and change network settings
  • basic SQL knowledge
  • a working knowledge of how to set up and run Wireshark on a network

Unsure whether you meet the prerequisites? Don’t worry. Your training consultant will discuss your background with you to understand if this course is right for you.


Here's the Firebrand Training review section. Since 2001 we've trained exactly 111,290 students and asked them all to review our Accelerated Learning. Currently, 96.66% have said Firebrand exceeded their expectations.

Read reviews from recent accelerated courses below or visit Firebrand Stories for written and video interviews from our alumni.

"Firebrand are well organised and their facilities, accommodation and training rooms are more than fit for purpose. The all-inclusive course represents good value and I would not hesitate to recommend to a friend or colleague, and have already done so!"
P.J., EDF Energy. (26/4/2021 (Monday) to 30/4/2021 (Friday))

"I find courses can be stressful. - Find the place, get there and home each day, Firebrand have one requirement - find their facility. From that point on they will handle all your needs completely. Taking that extra work away from you allows you to learn more freely than in other settings. They have high-quality management staff and instructors. They cover a wide range of valuable course. I've used them at least 6 times now and always look at their website first if an opportunity for training comes up through my employer."
Wayne Thompson, United Utilities. (26/4/2021 (Monday) to 30/4/2021 (Friday))

"Highly recommended. I completed the GICSP training, which Im confident has put me in a good place to take the exam. The instructor was very knowledgeable and delivered the training in a straightforward manner that was easy to digest. The environment was open and supported my many questions. I found Firebrand pleasant to work with, quick to respond, and wouldnt hesitate to use again."
M.W.. (25/1/2021 (Monday) to 29/1/2021 (Friday))

"Excellent delivery and great facility."
David Chisholm, Rolls Royce. (21/10/2019 (Monday) to 25/10/2019 (Friday))

"Very informative. Lecturer was very knowledgeable on a wide variety of subjects. A pleasure being bombarded with so much information."
Japie Van Der Merwe, SBM. (8/7/2019 (Monday) to 12/7/2019 (Friday))

Course Dates





Book now

23/8/2021 (Monday)

27/8/2021 (Friday)

Finished - Leave feedback




7/2/2022 (Monday)

11/2/2022 (Friday)

Limited availability



21/3/2022 (Monday)

25/3/2022 (Friday)




2/5/2022 (Monday)

6/5/2022 (Friday)




13/6/2022 (Monday)

17/6/2022 (Friday)




Latest Reviews from our students