<div style="margin:20px 0 0 200px"> To view the site, enable JavaScript by changing your browser options, then <a href="">Try Again</a>.</div>

Indian School of Ethical Hacking is the only OffSec Authorised Partner in Eastern India.

The OffSec Certified OSCP - OffSec Course (PEN-200) sets the industry standard by immersing learners in the world of ethical hacking. Dive into penetration testing methodologies, tools, and techniques in a hands-on, self-paced environment.

Completing this course and passing the exam will earn you the prestigious OffSec Certified Professional (OSCP) certification. This certification is highly respected, requiring holders to demonstrate their ability to successfully attack and penetrate various live machines in a secure lab environment.

The OSCP is renowned for its technical depth, making it stand out among other ethical hacking certifications. It's one of the select few that demands practical evidence of your penetration testing skills.

Why Do OSCP Certification?

Elevate Your
OSCP Preparedness

Course Syllabus »

Gain exclusive access to recently retired
OSCP exam machines Practice
and refine your penetration testing techniques

Stay Ahead with the
Latest Tools

Learn from the Best and
Develop Your Adversarial Mindset

Jobs »


46 Hours – 2 classes per week



  1. Complete NPT1/ Get NPT1 Certification
  2. Complete WAPT1/ Get WAPT1 Certification
Course Fees

Course Fees

Class Room Training

Inclusive of all taxes and including exam and training fee and one mock OSCP exam

Online Training

Inclusive of all taxes and including exam and training fee and one mock OSCP exam

What You Will Get?

46 Hours
of in-depth training by the best cyber security experts

Industry-Designed Study Materials

Certificate of Completion after examination and alumni status

Course Benefits:

  1. Cost effectiveness
  2. Industry accepted
  3. Global recognition

Course Details

  1. The duration of the course is 46 hours at 2 hours per week
  2. The course fee is Rs. 2,20,000/- for classroom and Rs. 2,50,000/- Rs. 2,20,000/- for online
  3. The curriculum is taught combining theory and practice
Module 1: Penetration Testing with Kali Linux: General Course Introduction Hours - 3 Topics
  • Welcome to PWK (Day 1)
  • How to Approach the Course (Day 1)
  • Summary of PWK Learning Modules (Day 1)
  • The Practice of Cybersecurity (Day 2)
  • Threats and Threat Actors (Day 2)
  • Threats and Threat Actors (Day 2)
  • The CIA Triad (Day 2)
  • Security Principles, Controls, and Strategies (Day 2)
  • Cybersecurity Laws, Regulations, Standards, and Frameworks (Day 2)
  • Career Opportunities in Cybersecurity (Day 2)
  • Learning Theory (Day 3)
  • Unique Challenges to Learning Technical Skills (Day 3)
  • OffSec Methodology (Day 3)
  • Case Study: chmod -x chmod (Day 3)
  • Tactics and Common Methods (Day 3)
  • Tactics and Common Methods (Day 3)
  • Advice and Suggestions on Exams (Day 3)
  • Practical Steps (Day 3)
  • Understanding Note-Taking (Day 4)
  • Understanding Note-Taking (Day 4)
  • Writing Effective Technical Penetration Testing Reports (Day 4)
  • The Penetration Testing Lifecycle (Day 5)
  • The Penetration Testing Lifecycle (Day 5)
  • Passive Information Gathering (Day 5)
  • Active Information Gathering (Day 5)
  • Vulnerability Scanning Theory (Day 6)
  • Vulnerability Scanning with Nessus (Day 6)
  • Vulnerability Scanning with Nessus (Day 6)
  • Vulnerability Scanning with Nmap (Day 6)
  • Web Application Assessment Methodology (Day 7)
  • Web Application Assessment Tools (Day 7)
  • Web Application Enumeration (Day 7)
  • Web Application Enumeration (Day 7)
  • Cross-Site Scripting (XSS) (Day 7)
  • Directory Traversal (Day 8)
  • File Inclusion Vulnerabilities (Day 8)
  • File Upload Vulnerabilities (Day 8)
  • File Upload Vulnerabilities (Day 8)
  • Command Injection (Day 8)
  • SQL Theory and Database Types (Day 9)
  • Manual SQL Exploitation (Day 9)
  • Manual and Automated Code Execution (Day 9)
  • Target Reconnaissance (Day 10)
  • Exploiting Microsoft Office (Day 10)
  • Abusing Windows Library Files (Day 10)
  • Getting Started (Day 11)
  • Online Exploit Resources (Day 11)
  • Offline Exploit Resources (Day 11)
  • Exploiting a Target (Day 11)
  • Fixing Memory Corruption Exploits (Day 12)
  • Fixing Web Exploits (Day 12)
  • Antivirus Evasion Software Key Components and Operations (Day 13)
  • AV Evasion in Practice (Day 13)
  • Attacking Network Services Logins (Day 14)
  • Password Cracking Fundamentals (Day 14)
  • Working with Password Hashes (Day 14)
  • Enumerating Windows (Day 15)
  • Leveraging Windows Services (Day 15)
  • Abusing other Windows Components (Day 15)
  • Enumerating Linux (Day 16)
  • Exposed Confidential Information (Day 16)
  • Insecure File Permissions (Day 16)
  • Insecure System Components (Day 16)
  • Insecure System Components (Day 16)
  • Port Forwarding with *NIX Tools (Day 17)
  • SSH Tunnelling (Day 17)
  • Port Forwarding with Windows Tools (Day 17)
  • Tunnelling Through Deep Packet Inspection (Day 18)
  • Getting Familiar with Metasploit (Day 19)
  • Using Metasploit Payloads (Day 19)
  • Performing Post-Exploitation with Metasploit (Day 19)
  • Automating Metasploit (Day 19)
  • Active Directory Manual Enumeration (Day 20)
  • Manual Enumeration Expanding our Repertoire (Day 20)
  • Active Directory Automated Enumeration (Day 20)
  • Understanding Active Directory Authentication (Day 20)
  • Performing Attacks on Active Directory Authentication (Day 20)
  • Active Directory Lateral Movement Techniques (Day 20)
  • Active Directory Persistence (Day 20)
  • Enumerating the Public Network (Day 20)
  • Attacking webserver (Day 20)
  • Gaining Access to the Internal Network (Day 20)
  • Enumerating the Internal Network (Day 20)
  • Attacking the Web Application on internal server (Day 20)
  • Gaining Access to the Domain Controller (Day 20)

Hacking Tutorials

Read All Tutorials »
Building a career in Digital Forensics - How promising is the future? A thorough career guide
Building a career in Digital Forensics - How promising is the future? A thorough career guide
Read Details »

Hacking Videos

Explore All Videos »
How to Hiding Your Secret File using Steganography?
View On Youtube »

Related Course

Enroll Now »

Enroll Now

Fields marked with * are mandatory.

Know Your Faculty
Sandeep Sengupta
Sandeep Sengupta
CISA, Certified Ethical Hacker, ISO 27001:2013 Lead Auditor, Lead Privacy auditor, GDPR Implementer

21 years of experience working in India, New Zealand & Singapore; in Information Security domain as Ethical Hacker, ISO 27001 Lead Auditor / Tutor, BS 10012 Privacy Lead Auditor, Mr. Sandeep Sengupta has conducted security audit in companies like ONGC, KPMG, PWC, Airtel, Vodafone, Accenture, Capgemini, Vedanta, PayU, Bandhan Bank, ABP, etc.

He has been invited as a speaker at FICCI, VIT (Vellore), Nasscom, CII, BCCI, ICAI, ISACA, FICCI, CeBIT, US High Commission (Kolkata), etc. He has taken part in several Television shows on ABP, ETV, NDTV, AajTak, Times Now, etc. In 2005, Sandeep founded the online community "Hackers Library"; which had 80,000+ members, making it the largest Indian online forum for cyber-security professionals at its time. Mr. Sengupta is the committee member at Nasscom (East) & CII ICT-East.

Gulab Mondal
Gulab Mondal
OSCE | CISSP | OSCP | CEH | OT/SCADA Security | IOT Security | VCISO | Consultant | Master's Digital Forensics

Starting as a Self-taught pentester, Gulab holds Certified Information Systems Security Professional(CISSP), Offensive Security Certified Expert(OSCE), Offensive Security Certified Professional(OSCP) & Certified Ethical Hacker(CEH) Certifications.

As a startup Director, Gulab has worked towards building a stable and reliable cybersecurity firm with remarkable growth.

Under Gulab's leadership, ISOAH has successfully increased the delivering value to the customer, resulting in 200% growth in the business compared to the last many years.

Gulab also acts as technical team lead for any Cyber Security project at ISOAH. ISOAH successfully delivered cyber Security projects for companies like TATA STEEL, BANDHAN BANK, VEDANTA, AMRI HOSPITALS, AMBUJA NEOTIA, ELECTRO STEEL, DIAMOND BEVERAGE, CESC, SRMB, OnProcess, RIVET HAMMER, GLOBSYN, BALCO, TATA Medical Center & many more.

Sagar Neogi
Sagar Neogi

Have an experience of 5 years in handling various VAPT projects including Web Applications, Android, IOS, Cloud, Source Code Reviews, Enterprise Network and Active Directory environments. Have also performed various security testing for AMAZON AWS.

Area of interest/expertise: Active Directory Penetration Testing and Hardening of Enterprise Network Security, OT/SCADA Penetration Testing and IOT/Hardware based hacking and penetration testing.

Kirit Sankar Gupta
Kirit Sankar Gupta
B. Tech (IT), OSCP, CEH 10.0, CHFI 9.0, ISO Certified Lead Security Incident Manager (ISO/IEC 27035), ISO Certified Lead Forensic Examiner (CLFE), CCNA, CCNP

A Penetration Tester with 6 years of experience, Kirit has the expertise in Mobile Application Pentesting Network, IoT Penetration Testing, Source-code review, Fuzzing, Red teaming, Social Engineering, Digital Forensics and Incident Response, Dev(Sec)Ops, Malware Analysis as well as SOC analysis. He has been acknowledged for reporting critical vulnerabilities to Uber, Apple, Flipkart, and MIT. Mr. Kirit Sankar Gupta is the member of Data Security Council of India (Kolkata).

Saumitra Biswas
Saumitra Biswas
M Tech - Computer Science, MSc (Statistics), GATE qualified

Mr. Saumitra Biswas is M.Tech in computer science from Netaji Subhash Engineering College, GATE qualified in computer science and a MSC in statistics from Kalyani University. He has 20 years of experience. His technical interests include Machine Learning, Neural Networks, Genetic Algorithms and Object Oriented Programming. He is skilled in C, C++, C#, Dotnet, Java, Python, Matlab, Unix, MS Windows XP, Windows 7, My SQL, Oracle, MS Access, HTML, XML, CSS and PHP. He take classes on AI & ML in ISOAH, as well as act as mentors to interns & project trainees.

Amrita Acharya
Amrita Acharya
M Tech in CSE, ISO 27001 Lead Auditor (IRCA/BSI)

After completion of her Master degree, she has worked with ISOAH as an intern for few years before joining full time as secuity analyst. She has been involved in internal audit, policy design, ISMS consultancy for more than 2 years. She is well versed in Kali Linux, Nmap, Metasploit, ITGC, ISO 27001 & COBIT framework. ISOAH clients she has provided active consultancy are CESC, Diadem, Lexplosion, Diamond Beverages, etc. As part of her hobby, she has been a professional model in her free time.


Job Prospects & Job Sources

Profiles that count for OSCP Certified Individuals include:

  • Penetration Testers: Break into computer systems, networks, or applications to find and fix vulnerabilities.
  • Ethical Hackers: Use hacking skills for good to identify and fix security vulnerabilities.
  • Information Security Consultant: Provide expert advice on security measures and solutions.
  • Security Testers: Evaluate the security of systems to identify vulnerabilities.
  • Security Analysts: Monitor computer networks for security threats or unauthorized users.
  • Security Engineers: Design and build secure systems and networks.
  • Network Server Administrators: Manage and maintain network servers and related systems.
  • Firewall Administrators: Manage and configure firewalls to protect networks from unauthorized access.
  • System Administrators: Manage and maintain computer systems and networks.
  • Risk Assessment Professionals: Identify and assess risks to an organization's information and assets.

The average salary of an OSCP-certified IT employee in India is Rs 18 lakhs annually.


What competencies will you gain?
  • Learn to Identify Targets: Use information-gathering techniques to identify and enumerate targets running various operating systems and services.
  • Scripting Skills: Develop basic scripts and tools to aid in the penetration testing process.
  • Exploit Code Analysis: Analyze, correct, modify, cross-compile, and port public exploit code.
  • Attack Techniques: Conduct remote, local privilege escalation, and client-side attacks.
  • Web Application Security: Identify and exploit XSS, SQL injection, and file inclusion vulnerabilities in web applications.
  • Network Pivoting: Leverage tunnelling techniques to pivot between networks.
  • Problem-Solving Skills: Develop creative problem-solving and lateral thinking skills.
Is there any doubt clearing session?

7 days doubt clearing session.

Can I appear for a mock exam?

Yes, you can appear for a mock OSCP exam.

Member of:

Data Security Council of India