CREST Penetration Testing Course


This course leads to the CREST Registered Tester (CRT) examination, which is recognised by the NCSC and is designed to assess the ability to carry out vulnerability assessments and penetration testing.

The CREST Registered Tester exam is a practical assessment, which tests your ability to implement network infrastructure and web application penetration testing methods and techniques.

Pass first time or train again for free

We are so confident in our training expertise and course delivery, that if you don’t pass the CREST exam the first time after training with us, you will have a spot reserved on one of our future courses, to train again free of charge.

Spread the cost over time

You can spread the cost over 3 monthly instalments interest-free, or with a monthly plan of 6-36 months. At checkout, complete a short application to receive an instant decision with an offer to fit your needs.

Discounted training

Our aim is to help everyone pass CRT, irrespective of circumstance. If you are a current student, recent graduate, put on a job retention scheme, or are currently job seeking, you can train for half price.

Next Course

3/5 Day


Live Online


CPSA - 14th to 16th September 2022
CRT - 19th to 23rd September 2022


What people say about our training

Browse our courses

  • Taught by experienced CRT certified penetration testers
  • 24/7 Dedicated testing environment
  • A course designed for you to pass the CRT exam
  • Potential job opportunities for successful candidates
  • CV Guidance & mock CRT job interviews
  • Continued support after the course
  • Prices exclude VAT

The course

Our course is designed, as closely as we can, to give you the experience needed to pass the CRT practical exam. The vulnerabilities, exploit and deployment methods can be paralleled with those of the exam, and with a mix of both internal infrastructure and web application vulnerabilities.

All our trainers have extensive experience delivering cybersecurity courses in top UK universities, as well as performing penetration testing as their core job role in Samurai. The mix of academic teaching and real-world experience with CREST accredited penetration testers gives us the ability to get you through these CREST exams successfully.

Taught by experienced CRT certified penetration testers

Their job role at Samurai is to conduct CRT penetrations tests day in, day out. We regularly work on critical healthcare software that, if insecure, could costs lives. Our trainers are the best in their field.

24/7 dedicated CREST testing environment

We don’t turn off our labs, even after you’ve finished the course. You will have extended access to the environment for over a month after you’ve completed our course.

Designed for the CRT exam

Our trainers have designed this course from the ground up to give you all the necessary practical knowledge to head into the exam confident that you will pass.

In-depth tutorials

In addition to our live training course, we have created tutorials that guide you through our testing environment, even after you’ve finished.

Tailored training

We take a personal approach to our training. We make sure our pace is tailored to the skill level of our trainees.

Proprietary tools

Alongside a long list of existing hacking tools, we’ve built our own tools to save you time in the exam.

Perfect for

  • Aspiring penetration testers
  • Existing penetration testers looking to upskill
  • IT-minded individuals looking to change careers
  • Network infrastructure penetration testers
  • Web application penetration testers
  • Penetration testing trainers
  • University cyber security lecturers


A basic understanding of computer networking and TCP/IP is required, for example how IP addressing and subnet masks work and how network ports and services operate.  Moderate experience of the Linux command line is expected also.  If you intend to take the CRT exam, you will need to pass CPSA first, however, this is not a prerequisite for this course. Previous penetration testing experience is advised.

Course leaders

Neil Richardson

Technical Director

Neil has worked as an academic teaching web application, mobile and infrastructure penetration testing at several universities around the UK for 7 years before co-founding Samurai. Since, he has spent 4 years leading a talented team of CREST registered penetration testers.

Ali Malik

Senior Cyber Security Consultant

Ali has over 7 years’ experience in CRT penetration testing, secure web application development using C#, Java, JSP, PHP and Python. This gives him a unique understanding of the security of web applications and the different ways of exploitation.


  • Domain Name Server (DNS)
  • Interpreting Tool Output
  • OS Fingerprinting
  • Application Fingerprinting and Evaluating Unknown Services
  • File System Permissions
  • Management Protocols
  • Networking Protocols
  • Domain Reconnaissance
  • User Enumeration
  • Active Directory
  • Windows Vulnerabilities
  • Common Windows Applications
  • User enumeration
  • Unix vulnerabilities
  • FTP
  • Sendmail / SMTP
  • Network File System (NFS)
  • R* services
  • X11
  • RPC services
  • SSH
  • Web Server Operation
  • Web Servers & their Flaws
  • Web Protocols
  • Web Application Servers
  • Web Site Structure Discovery
  • Cross Site Scripting Attacks
  • SQL Injection
  • Parameter Manipulation
  • Microsoft SQL Server
  • Oracle RDBMS
  • Web / App / Database Connectivity

Previous training session

This is a video clip from a previous CREST training session which covers a small portion from the following modules:

  • Linux services
  • Infrastructure testing
  • Web application testing

Our aim is to give you an opportunity to ‘look under the hood’ of our training methods before you make any time or monetary-based commitments.

Potential job opportunities for successful candidates

For candidates who pass the CREST CRT exam, we may offer you real-life testing opportunities, depending on your level of skill, testing capabilities and professional acumen.

CV guidance & feedback

We assess your CV under strict criteria providing you detailed feedback on its content, layout and wording. We have a high volume of CV’s sent to us, our insight can help you improve your chances of landing a position.

Mock CRT job interviews

Their job role at Samurai is to conduct CRT penetrations tests day in, day out. We regularly work on critical healthcare software that, if insecure, could costs lives. Our trainers are the best in their field.

Continued support

You will have access to our private Samurai slack channel which will have dedicated rooms for our CRT training, giving you direct communication to our technical team even after the course has finished.

Tsujigiri - Test your abilities

Defined: Tsujigiri (辻斬り or 辻斬, literally “crossroads killing”) is a Japanese term for practice. When a samurai trains after receiving a new katana or developing a new fighting style.

Due to exam difficulty, we have developed a short qualification test. We recommend you complete this before taking our course.

Should you fail the exam and require re-training, to be eligible, you need to provide proof of a mark over 80% prior to the course, complete our training course in full, spent at least 20 hours in the lab environment, and have taken the CREST exam within 6 months of attendance. If met, you will be slotted onto one of our future courses, no questions asked.

We also recommend you self study Security+ and Network+ by CompTIA.


Completing the form below will allow us to verify your eligibility to receive discounts, we will contact you for verification purposes.

[email protected] / 0114 400 0021