CREST Penetration Testing Course

Approved by CREST

Course Summary

This course leads to the CREST Registered Tester (CRT) examination, which is recognised by the NCSC and is designed to assess the ability to carry out vulnerability assessments and penetration testing.

The CREST Registered Tester exam is a practical assessment, which tests your ability to implement network infrastructure and web application penetration testing methods and techniques.


Why do I need it?

Our course is designed, as closely as we can, to give you the experience needed to pass the CRT practical exam.

The vulnerabilities, exploit and deployment methods can be paralleled with those of the exam, and with a mix of both internal infrastructure and web application vulnerabilities.

All our trainers have extensive experience delivering cybersecurity courses in top UK universities, as well as performing penetration testing as their core job role in Samurai. The mix of academic teaching and real-world experience with CREST accredited penetration testers gives us the ability to get you through these CREST exams successfully.

Our Approach

Taught by experienced CRT certified penetration testers

Their job role at Samurai is to conduct CRT penetrations tests day in, day out. We regularly work on critical healthcare software that, if insecure, could costs lives. Our trainers are the best in their field.

24/7 Dedicated CREST Testing Environment

We don’t turn off our labs, even after you’ve finished the course. You will have extended access to the environment for over a month after you’ve completed our course.

Designed For The CRT Exam

Our trainers have designed this course from the ground up to give you all the necessary practical knowledge to head into the exam confident that you will pass.

In-depth Tutorials

In addition to our live training course, we have created tutorials that guide you through our testing environment, even after you’ve finished.

Tailored Training

We take a personal approach to our training. We make sure our pace is tailored to the skill level of our trainees.

Perfect For:

  • Aspiring penetration testers
  • Existing penetration testers looking to upskill
  • IT-minded individuals looking to change careers
  • Network infrastructure penetration testers
  • Web application penetration testers
  • Penetration testing trainers
  • University cyber security lecturers


A basic understanding of computer networking and TCP/IP is required, for example how IP addressing and subnet masks work and how network ports and services operate. Moderate experience of the Linux command line is expected also. If you intend to take the CRT exam, you will need to pass CPSA first, however, this is not a prerequisite for this course. Previous penetration testing experience is advised.


Course Structure

Module 1 - Core Technical Skills

  • Domain Name Server (DNS)
  • Interpreting Tool Output
  • OS Fingerprinting
  • Application Fingerprinting and
  • Evaluating Unknown Services
  • File System Permissions

Module 2 - Background Information Gathering & Open Source

  • Domain Name Server (DNS)

Module 3 - Networking Equipment

  • Management Protocols
  • Networking Protocols

Module 4 - Microsoft Windows Security Assessment

  • Domain Reconnaissance
  • User Enumeration
  • Active Directory
  • Windows Vulnerabilities
  • Common Windows Applications

Module 5 - Unix Security Assessment

  • User enumeration
  • Unix vulnerabilities
  • FTP
  • Sendmail / SMTP
  • Network File System (NFS)
  • R* services
  • X11
  • RPC services
  • SSH

Module 6 - Web Technologies

  • Web Server Operation
  • Web Servers & Their Flaws
  • Web Protocols
  • Web Application Servers

Module 7 - Web Testing Techniques

  • Web Site Structure Discovery
  • Cross Site Scripting Attacks
  • SQL Injection
  • Parameter Manipulation

Module 8 - Databases

  • Microsoft SQL Server
  • Oracle RDBMS
  • Web / App / Database Connectivity

Previous training session

This is a video clip from a previous CREST training session which covers a small portion from the following modules:

  • Linux services
  • Infrastructure testing
  • Web application testing

Our aim is to give you an opportunity to ‘look under the hood’ of our training methods before you make any time or monetary-based commitments.

Potential job opportunities for successful candidates

For candidates who pass the CREST CRT exam, we may offer you real-life testing opportunities, depending on your level of skill, testing capabilities and professional acumen.

CV guidance & feedback

We assess your CV under strict criteria providing you detailed feedback on its content, layout and wording. We have a high volume of CV’s sent to us, our insight can help you improve your chances of landing a position.

Mock CRT job interviews

Their job role at Samurai is to conduct CRT penetrations tests day in, day out. We regularly work on critical healthcare software that, if insecure, could costs lives. Our trainers are the best in their field.

Continued support

You will have access to our private Samurai slack channel which will have dedicated rooms for our CRT training, giving you direct communication to our technical team even after the course has finished.

What people say about this course:

Anyone who is looking to upskill and take the CPSA and CRT need to take this course! The course cost point was fantastic. Overall, 5 out of 5 stars

James W.

Cyber Security Analyst

The overall experience of the course was 10/10. My favourite part of the course was Web Application testing and it exceeded my expectations. I found the training pace very manageable and highly informative. The training materials were high quality and the lab environment was very good, easy to access and use.

Pashenka B.

Authorised Trainer - TechVets

A well-designed course that focused on what we needed to know to pass the exam. Especially useful for the CPSA because of the lack of publicly available preparation material for the exam. The instructor was knowledgeable and helpful throughout the course.

Jonathan S.

Enterprise Security Architect

Enroll Now




07884 646684

Get in touch

Let's find a solution

If you want to chat, give us a call: 0121 740 1304

Or, email us: [email protected]