The OPST certification course participants are trained to be responsible, capable and resourceful security testers.


Why should you attend?

The OPST certification course participants are trained to be responsible, capable and resourceful security testers. Within the training course they acquire the technical skills necessary for security testing and the business skills necessary for providing justification, efficiency (security project management and controlling) and understanding contemporary business and security needs. The OPST training course is based on the Open Source Security Testing Methodology Manual (OSSTMM), the widely used, peer-reviewed, comprehensive security testing methodology. The OSSTMM provides a complete, effective and practicable methodology on performing security testing. The OSSTMM strongly focuses on the business justification of IT Security investments and is designed to be tailored into single modules to suit the corporate business objectives and industry-specific regulations.

Who should attend

  • IT specialists wanting to acquire knowledge in security testing
  • Network administrators
  • System administrators
  • Security Engineers

Learning objectives

  • Information Security Overview
  • What is the OSSTMM?
  • Security Testing Definition
  • Why Security Testing is not just hacking
  • OSSTMM Rules of Engagement, ethical Hacking, security tester Job Profile
  • Definition of system and network security testing types
  • How the OSSTMM works
  • OSSTMM Practical Security Testing
  • Security testing tools setup under Linux and Windows
  • Testing of TCP, UDP, ICMP, IP, ARP and various application level protocols such as DNS, HTTP, HTTPS, SNMP etc.
  • Open Source Security Tools (nmap, nessus, tcpdump, Wireshark etc.)
  • Professional security tester resources, investigating new tools and trends
  • Basic Security Tests from port scanning to vulnerability testing
  • Document Grinding and Information Gathering
  • Privacy
  • Advanced security tests including remote Firewall, router and IDS testing
  • Denial of Service testing, verification testing, application testing, social engineering
  • Analysis and verification of test results according to the OSSTMM
  • How to write test reports
  • OSSTMM Business Security Testing
  • Security testing project management
  • Basics of risk management


Good IT base knowledge, especially of networks and protocols (TCP/IP) and experience in command line under Linux and Windows is a plus.

General Information

  • 5 course’s days

Download the course agenda