MCSI Certifications are world-class. The content is cutting-edge, uniquely-designed, hands-on and challenging. Our exercises teach in-demand skills that are immediately applicable in the field. MCSI's unique approach helps students around the world advance their careers.
This Certification has no expiry date. It has no renewal fees, no hidden fees, and is accessible with no time limits.
MCSI Certified Penetration Tester:
Understand the vulnerability research and exploitation process in full
Develop custom penetration testing tools
Master the major penetration testing tools and use them when it’s appropriate
Perform code reviews and dynamic fuzzing
Write penetration testing proposals and reports that delight customers
Lab setup - 4 exercises
Information Gathering - 4 exercises
NMAP - 16 exercises
Metasploit - 13 exercises
Mimikatz - 5 exercises
Vulnerability Scanning - 4 exercises
Complementary Tools - 5 exercises
Custom Malware Development - 4 exercises
Web Application Penetration Testing - 26 exercises
Memory Corruption Vulnerabilities - 4 exercises
Documentation and Procedures - 5 exercises
Capability Development - 6 exercises
Patch Analysis - 3 exercises
Secure Code Reviews - 4 exercises
Penetration Testing Challenges - 4 exercises
Operation Mission Impossible - 9 exercises
Below are three (3) exercises from the 100+ exercises available in MPT - Certified Penetration Tester:
Write An Application Vulnerable To Cross-Site Scripting (Novice)
Use John The Ripper To Crack MySQL, MSSQL, And Postgres Credentials (Advanced Beginner)
Ability to comfortably read and understand IT documentation written in English. Ideally, an IELTS score of 6.5 with no band less than 6 (or equivalent).
Note: You can register for this course without having undertaken an English test.
We recommend that you have some experience in software programming prior to registering for this course.
The preferred programming languages for this course include: Python, PHP, SQL, and some basic C.
Knowledge of basic C and Assembly will also prove helpful for the reverse engineering exercises.
Here's a list of things for you to confirm whether you're at the right level:
Write basic web applications in PHP or something equivalent
Have used and configured a database such as MySQL
Have written authentication pages and code to manage user sessions
Be comfortable with command line utilities and tools
Be capable of installing Windows and Linux virtual machines in something like VirtualBox
Have some experience troubleshooting and resolving software errors
Frequently Asked Questions
What is the MCSI Method™?
Are solutions included in certifications and bundles?
No. Our method of teaching cyber security consists of challenging you with real-world problem statements that you're expected to research and solve by doing your own research. This is how you'll be expected to work in the field. When you fail an exercise, we provide you with constructive feedback to improve and try again.
Do the videos provides the answers to exercises?
No. The videos teach concepts, mindset, methodologies, procedures and professional skills such as report writing, interviewing and preparing proposals.
Do bundles, training content, or certificates ever expire? Am I expected to buy again in the future?
Once purchased, bundles and certificates are unlocked forever. They are no recurring or ongoing fees.
Do I need to buy the training and the certification separately?
No. The price provided covers both. You only pay once.
Do you offer any special offers and discounts?
If I can't solve the exercise where do I go for help?
We have an online forum where you can ask questions and our team of professional instructors will help you out.
An `Unofficial Curriculum` contains MCSI's practical exercises aligned to a non-MCSI Industry Certification syllabus.
We offer unofficial curriculums for the OSCP, ISACA CISA, ISACA CISM, ISACA CRISC, CCT ICE, CCSAS, CCT ACE.
Do you provide Continuing Professional Education (CPE) credits?
Yes. Every single exercise offers CPE credits. The number of credits earned depends on the difficulty of the exercise completed. Below are the CPE Credits achieve for an exercise in each difficulty:
Novice exercises = 1 CPE credits
Advanced Beginner exercises = 2 CPE credits
Competent exercises = 5 CPE credits
Proficient exercises= 8 CPE credits
Beyond Proficient exercises = 16 CPE credits
Are MCSI courses/certifications recognized and have value outside of Australia?
Yes. MCSI certifications have value worldwide and are recognized by employers looking for individuals with practical cyber security skills.
MCSI's training is 100% practical with real cybersecurity problems designed to teach immediately applicable skills in the field. To solve our practical exercises, students must do their own research and develop their own solutions.
While completing exercises, students also develop their own comprehensive cybersecurity portfolio of skills. Individuals use this portfolio to demonstrate their cybersecurity competencies to solve real industry problems to future employers or hiring managers.
Do I need to complete an exam to receive MCSI Certification?
No. MCSI Certifications are completed by solving practical cybersecurity exercises.
This certification successfully prepares you for the following
Vulnerability Assessment Analyst
Training Curriculum and Certifications
Students unlock Certificates of Completion for every exercise they complete. Industry Certifications are unlocked upon achieving Skills Proficiency Milestones.
Obtain CPE points by solving exercises
Achieve multiple certifications
Receive help from instructors online
MCSI's MPT certification covers all six levels of the Australian Signals Directorate's Cyber Skills Framework. You will achieve a certificate upon reaching each level. You will earn an industry certification at Level 5. Click here to learn more.
ASD Skills Proficiency Level
Curriculum Completion Requirement
Scenarios Completion Requirement
MCSI Penetration Testing Learner
MCSI Novice Penetration Tester
MCSI Penetration Testing Practitioner
MCSI Senior Penetration Testing Practitioner
MCSI Certified Principal Penetration Testing Practitioner
As an MCSI Certified Penetration Tester you will be fully capable of performing the following:
Identify and exploit the most common web application vulnerabilities. For example:
Arbitrary Command Execution
Identify and exploit the most common infrastructure vulnerabilities. For example:
Missing critical security patches
Dumping and reusing credential
Lateral movement and pivoting
Identify and exploit memory corruption vulnerabilities. For example:
Reverse engineering network protocols
Bypass stack cookies, ASLR, NX/DEP
Return Oriented Programming
Write custom attack tools using scripting languages:
Use all the major penetration testing tools:
John the Ripper / Hashcat
Amazed. I have certifications from other popular penetration testing certifications and wish the MPT was the first and only one I completed. The MPT Certification defines what hands-on practical expertise is. Each exercise is like I am working on a real penetration test.
Penetration Tester, Retail Industry
I enrol all of my Penetration Testers in the MPT because it allows me to assess their current capabilities, and plan a pathway for growth. Using the MPT curriculum as a challenging learning pathway benefits the individual and the team. The MPT is excellent and has provided cost effective, practical training to take someone on my team as a Junior, and know that he/she will have the skills required to be at a senior level.
Penetration Testing Manager, Financial Services
I enrolled in the MPT 6 months ago when I was first hired as a full-time Penetration Tester to develop my technical skill set and grow my career. After six months of completing the technical exercises, my skill set has grown more than I could have imagined. I am consistently using advanced techniques that I have learnt from the MPT in my day-to-day work.
Graduate Penetration Tester, Consulting Services
Why MCSI’s Penetration Testing Certification is World Class
Comprehensive, Effective, Exceeds Standards
Holders of the MPT Certification have completed 100 practical online exercises thus demonstrating that they have the skills and knowledge required to deliver web, mobile and infrastructure penetration tests. Students take an average of 6 months to complete these exercises.
Students who have obtained this Certification have demonstrated that they have a full understanding of the vulnerability research and exploitation process. This Certification focuses on the internals of how vulnerabilities are identified and exploited rather than remembering commands for tools (though it does cover tools as well).
Many of the challenges that students must pass to obtain this certification require students to write software in scripting languages. This guarantees that penetration testers certified by MCSI understand how vulnerabilities are created and what it takes to write custom exploitation tools.