CREST Penetration Testing Course


This course leads to the CREST Registered Tester (CRT) examination, which is recognised by the NCSC and is designed to assess the ability to carry out vulnerability assessments and penetration testing.

The CREST Registered Tester exam is a practical assessment, which tests your ability to implement network infrastructure and web application penetration testing methods and techniques.

Pass first time or train again for free

We are so confident in our training expertise and course delivery, that if you don’t pass the CREST exam the first time after training with us, you will have a spot reserved on one of our future courses, to train again free of charge.

Spread the cost over time

You can spread the cost over 3 monthly instalments interest-free, or with a monthly plan of 6-36 months. At checkout, complete a short application to receive an instant decision with an offer to fit your needs.

Discounted training

Our aim is to help everyone pass CRT, irrespective of circumstance. If you are a current student, recent graduate, put on a job retention scheme, or are currently job seeking, you can train for half price.

At a glance

5 Day


Live online


8th February


The Course

Our course is designed, as closely as we can, to give you the experience needed to pass the CRT practical exam. The vulnerabilities, exploit and deployment methods can be paralleled with those of the exam, and with a mix of both internal infrastructure and web application vulnerabilities.

All our trainers have extensive experience delivering cybersecurity courses in top UK universities, as well as performing penetration testing as their core job role in Samurai. The mix of academic teaching and real-world experience with CREST accredited penetration testers gives us the ability to get you through these CREST exams successfully.

Taught by experienced CRT certified penetration testers

Their job role at Samurai is to conduct CRT penetrations tests day in, day out. We regularly work on critical healthcare software that, if insecure, could costs lives. Our trainers are the best in their field.

24/7 dedicated CREST testing environment

We don’t turn off our labs, even after you’ve finished the course. You will have extended access to the environment for over a month after you’ve completed our course.

Designed for the CRT exam

Our trainers have designed this course from the ground up to give you all the necessary practical knowledge to head into the exam confident that you will pass.

In-depth tutorials

In addition to our live training course, we have created tutorials that guide you through our testing environment, even after you’ve finished.

Tailored training

We take a personal approach to our training. We make sure our pace is tailored to the skill level of our trainees.

Proprietary tools

Alongside a long list of existing hacking tools, we’ve built our own tools to save you time in the exam.

What people say about our training

Perfect for

  • Aspiring penetration testers
  • Existing penetration testers looking to upskill
  • IT-minded individuals looking to change careers
  • Network infrastructure penetration testers
  • Web application penetration testers
  • Penetration testing trainers
  • University cyber security lecturers


A basic understanding of computer networking and TCP/IP is required, for example how IP addressing and subnet masks work and how network ports and services operate.  Moderate experience of the Linux command line is expected also.  If you intend to take the CRT exam, you will need to pass CPSA first, however, this is not a prerequisite for this course.

Course leaders

Neil Richardson

Technical Director

Neil has worked as an academic teaching web application, mobile and infrastructure penetration testing at several universities around the UK for 7 years before co-founding Samurai. Since, he has spent 4 years leading a talented team of CREST registered penetration testers.

Ali Malik

Senior Cyber Security Consultant

Ali has over 7 years’ experience in CRT penetration testing, secure web application development using C#, Java, JSP, PHP and Python. This gives him a unique understanding of the security of web applications and the different ways of exploitation.


  • Domain Name Server (DNS)
  • Interpreting Tool Output
  • OS Fingerprinting
  • Application Fingerprinting and Evaluating Unknown Services
  • File System Permissions
  • Management Protocols
  • Networking Protocols
  • Domain Reconnaissance
  • User Enumeration
  • Active Directory
  • Windows Vulnerabilities
  • Common Windows Applications
  • User enumeration
  • Unix vulnerabilities
  • FTP
  • Sendmail / SMTP
  • Network File System (NFS)
  • R* services
  • X11
  • RPC services
  • SSH
  • Web Server Operation
  • Web Servers & their Flaws
  • Web Protocols
  • Web Application Servers
  • Web Site Structure Discovery
  • Cross Site Scripting Attacks
  • SQL Injection
  • Parameter Manipulation
  • Microsoft SQL Server
  • Oracle RDBMS
  • Web / App / Database Connectivity

Previous training session

This is a video clip from a previous CREST training session which covers a small portion from the following modules:

  • Linux services
  • Infrastructure testing
  • Web application testing

Our aim is to give you an opportunity to ‘look under the hood’ of our training methods before you make any time or monetary-based commitments.

Potential job opportunities for successful candidates

For candidates who pass the CREST CRT exam, we may offer you real-life testing opportunities, depending on your level of skill, testing capabilities and professional acumen.

CV guidance & feedback

We assess your CV under strict criteria providing you detailed feedback on its content, layout and wording. We have a high volume of CV’s sent to us, our insight can help you improve your chances of landing a position.

Mock CRT job interviews

Their job role at Samurai is to conduct CRT penetrations tests day in, day out. We regularly work on critical healthcare software that, if insecure, could costs lives. Our trainers are the best in their field.

Continued support

You will have access to our private Samurai slack channel which will have dedicated rooms for our CRT training, giving you direct communication to our technical team even after the course has finished.

Take our test

Due to the difficult nature of the CRT exam, we have developed a short qualification test, that we strongly recommend you complete before taking our course.

In order to be eligible for retraining, you will need to achieve a mark over 70% on our test, complete our training course and have taken the CREST exam within 6 months of attendance. If you do unfortunately fail, you will be slotted into one of our future courses, subject to its availability.  

If you fall 70%, we recommend you self study Security+ and Network+ by CompTIA.

How do I register my interest?

Completing the form below will allow us to verify your eligibility to receive discounts, we will be in touch shortly for verification purposes.

[email protected] / 0114 400 0021

Join our next course

Duration: 5 Days

Method: Live Online (Zoom)

Dates: 8th February 2021

  • Pass first time or train again for free
  • Taught by experienced CRT certified penetration testers
  • 24/7 Dedicated testing environment
  • A course designed for you to pass the CRT exam
  • Potential job opportunities for successful candidates
  • CV Guidance & mock CRT job interviews
  • Continued support after the course