Courses

CREST Certification Preparation

Structured, hands-on preparation for CREST penetration testing and security assessment certifications—focusing on the skills, mindset and exam-style scenarios you actually face in real assessments.

Talk to us / Enroll View detailed curriculum →
CREST Certification Preparation

Overview

CREST certifications are designed around real-world penetration testing and security assessment work: strong fundamentals, disciplined methodology and the ability to execute under time pressure.

This course focuses on those skills. Rather than memorising random tools, you’ll practice how to approach engagements, collect evidence, exploit vulnerabilities and document everything in a way that matches CREST-style expectations and real client projects.

Who this is for

  • Penetration testers targeting CREST exams (CPT, CRT, etc.).
  • Security professionals who want “consultant-grade” methodology.
  • Blue team / SOC engineers who want to understand offensive work.
  • Teams building internal pentest capability and standards.

What you’ll be able to do

  • Plan and execute structured infrastructure and web assessments.
  • Use common tools with purpose, not guesswork.
  • Link findings to risk and business impact clearly.
  • Walk into a CREST-style exam or client engagement with confidence.

Exam-aware, not exam-obsessed

The content is aligned with CREST-style expectations—methodology, depth and professionalism—but the primary goal is to make you a stronger tester in real-life projects. If your skills are solid, exams become the natural next step.

Curriculum

The curriculum follows the life cycle of a professional penetration test: from scoping and planning through to exploitation, evidence collection and reporting—mapped to CREST-style expectations.

Module 1

CREST Mindset & Assessment Lifecycle

Understanding CREST as a standard, typical assessment phases, professional conduct, legal & ethical boundaries, and what exam assessors and clients actually look for in your work.

Module 2

Scoping, Rules of Engagement & Planning

Turning vague requirements into clear scopes, understanding constraints, defining testing windows, communication plans, and planning your approach for limited-time assessments and exams.

Module 3

Information Gathering & Reconnaissance

Open-source intelligence (OSINT), DNS and infrastructure discovery, subdomain enumeration, technology fingerprinting and identifying likely attack paths before touching the target environment.

Module 4

Network Scanning & Service Enumeration

Nmap and supporting tools in depth: host discovery, port scanning, version detection, script usage, and service-specific enumeration for web, databases, remote access, mail, file services and more.

Module 5

Web Application Testing Essentials

Systematic web testing: authentication & session management, access control, injection flaws, input validation, file upload issues, misconfigurations and business logic bugs. Burp Suite workflows for CREST-style exams and client work.

Module 6

Infrastructure & Host Exploitation

Exploiting common infrastructure weaknesses: outdated services, misconfigurations, weak protocols, default credentials and poor network segmentation. Using Metasploit and manual techniques responsibly and efficiently under time limits.

Module 7

Privilege Escalation & Lateral Movement Basics

Local enumeration checklists for Linux/Windows, identifying and exploiting misconfigurations, insecure services, credential reuse and basic lateral movement in internal networks and exam-style labs.

Module 8

Password Attacks, Credential Handling & Safety

Responsible password spraying, offline cracking approaches, hybrid and dictionary attacks, and how to operate safely within exam or client limits without causing account lockouts or service outages.

Module 9

Evidence Collection & Note-taking

Building a strong evidence base: screenshots, logs, proof-of-concept steps and payloads. Efficient note-taking structures for long tests and CREST exam time windows.

Module 10

Reporting for CREST & Real Clients

Writing clear, structured reports: executive summary, methodology, finding details, risk rating, and remediation guidance. Presenting complex technical issues in a way that supports defensive improvement.

Module 11

CREST Exam Strategy & Time Management

Planning your exam attempt: host priority, timeboxing, decision-making when stuck, and how to maximise marks by balancing depth vs breadth. Dealing with stress, fatigue and unexpected technical issues.

Labs & Practice

The emphasis is on applied work: you’ll repeatedly practice CREST-like tasks in lab environments, not just hear about them in theory.

Infra & web mini-assessments

Timed lab tasks combining recon, scanning, exploitation and basic reporting to simulate the flow of CREST-style assessments.

Checklists & methodology drills

Repeated practice using structured checklists so that your approach stays consistent, even when the target or exam scenario changes.

Reporting and review practice

Short reporting exercises where you summarise a mini-assessment and receive feedback on clarity, structure and technical depth.

Prerequisites

Recommended background

  • Comfortable with Linux and Windows basics.
  • Good understanding of TCP/IP and common network protocols.
  • Some prior exposure to web or infrastructure testing is ideal.
  • eJPT/OSCP-level knowledge is helpful but not mandatory.

What you need technically

  • PC / laptop capable of running VMs or VPN-based labs.
  • Stable internet connection.
  • Virtualization software (VirtualBox / VMware) as required.

If you’re unsure about your current level, get in touch and we’ll help you decide if CREST prep is the right step or if you should start with a foundational course first.

Outcomes

By the end of this program, you should feel comfortable taking on CREST-style assessments and using that same quality of work in your day-to-day projects.

Stronger methodology

Clear, repeatable assessment process that you can apply across technologies and target environments.

Exam & interview readiness

Experience with the kind of tasks, time pressure and documentation expected in CREST exams and senior pentest roles.

Client-grade reporting

Ability to produce reports that clients and internal stakeholders can actually use to make security decisions.

Schedule & Delivery

We offer flexible formats to fit working professionals, students and teams, while maintaining enough practice time between sessions.

Mode Duration Details
Weekend cohort 4–6 weeks Longer weekend sessions with deep-dive labs, reviews and exam-style tasks.
Weekday evenings 5–7 weeks Shorter theory + demo blocks with guided self-practice between sessions.
Custom / team / academic Flexible Tailored programs for organizations or colleges, aligned to your exam or internal assessment objectives.

Pricing / Engagement Options

Fees depend on whether you join as an individual, part of a bundled track, or as a team / institution, and on lab platform choices used in the course.

Individual learners

Ideal if you’re preparing for CREST exams or upgrading from general pentesting experience to a more standardized methodology.

Ask for current fee →

Career track bundles

Combine CREST prep with other SmartFind courses (e.g., eJPT, OSCP-style, CPENT-level, DFIR, Red vs Blue simulations) to build a complete security career path.

Get bundle options →

Teams & institutions

For security teams and academic partners who want to align internal training with CREST-style standards and assessment quality.

Talk to us →

FAQs

Is this an official CREST course from the certification body?

This program is focused on skill-building and methodology aligned with CREST-style expectations. It is not about selling exam vouchers or making guarantees; the emphasis is on your capability and confidence.

Which CREST exams does this help with?

The course focuses on pen-test style fundamentals that are relevant across multiple CREST assessments (e.g., CPT/CRT style). For exact exam paths, we discuss options with you during counselling.

Will I get recordings and lab access details before enrolling?

Yes. For each batch we clearly communicate whether sessions are recorded, how long recordings are available, and how long you retain access to labs or platforms used.

I’m not sure if I’m at the right level yet. What should I do?

Reach out via the contact form. We can review your background and suggest whether you should start here or begin with a more foundational course like Linux, eJPT-level or web app security basics.

Ready to prepare for CREST with SmartFind?

Tell us your current level and target exam. We’ll help you plan a clear path with batches, labs and complementary courses that fit your goals.

Talk to us