Special Notices

In light of the most recent Government advice on the global Coronavirus (COVID-19) outbreak, which includes avoiding contact and travel, CREST has taken the decision to temporarily close its Examination Centre in the UK from Wednesday 18th March 2020.

We will be continuously reviewing the situation and will keep candidates updated on when we will be able to reopen the centre. We will be working with Candidates to minimise the impact that the temporary closure of the centre has on them, and will be in contact with anyone who is personally affected. The health and wellbeing of all concerned had to be paramount when taking this decision.

If anyone has any questions about the closure please contact sally.fitzmaurice@crest-approved.org or exambookings@crest-approved.org

Please click here for detailed information regarding the new CREST and EC Council - Certification Equivalency Recognition Programmes


The CRT course leads to the CREST Registered Tester (CRT) examination, which is recognised by the NCSC as providing the minimum standard for CHECK Team Member status and is designed to assess a candidate’s ability to carry out basic vulnerability assessment and penetration testing tasks.

The CREST Registered Tester exam is a practical assessment, where the candidate will be expected to find known vulnerabilities across common network, application and database technologies aimed at assessing the candidate’s technical knowledge of penetration testing methodology and skills against reference networks, hosts and applications.

As part of your course, you will receive an exam voucher for the CREST Registered Tester exam, subject to pre-requisite eligibility.

Target Audience

  • Aspiring information security personnel who wish to be part of a Penetration Testing team
  • Anyone meeting the prerequisites who is considering a career in Penetration Testing
  • System administrators who are responding to attacks
  • Incident handlers who wish to expand their knowledge into Penetration Testing and Digital Forensics
  • Government departments who wish to raise and baseline skills across all security teams
  • Law enforcement officers or detectives who want to expand their investigative skills
  • Information security managers who would like to brush up on the latest techniques and processes in order to understand information security implications


A pass at CPSA level is a prerequisite for the Registered Tester examination and success at both CPSA and CRT will confer the CREST Registered status to the individual. An individual passing the CPSA but failing the practical element, which is this CRT exam, will still retain the CPSA Practitioner certificate and may apply to re-take the CRT practical exam at a later date, when they feel that they are ready to do so. Individuals who pass the CRT exam can request that their information be provided to the NCSC to be considered for CHECK Team Member Status. CPSA is available as a separate course.


This 3-day hands-on course consists of nine modules:

  • Module 1 – Essential Tools & Skills
  • Module 2 – Reconnaissance
  • Module 3 – Enumeration
  • Module 4 – Assessing Remote Information Services
  • Module 5 – Assessing Remote Access Services
  • Module 6 – Assessing Web Technologies
  • Module 7 – Assessing Windows Services
  • Module 8 – Assessing Passwords
  • Module 9 - Assessing Databases

Course Outline

MODULE 1 - Essential Tools & Skills

  • Note Taking
  • Introduction to Scanning Tools
  • Introduction to Exploitation Frameworks
  • Introduction to Vulnerability Scanners
  • Practical scenario based labs

MODULE 2 - Reconnaissance

  • ARP Scanning
  • Ping Sweeping
  • Port Scanning
  • Practical scenario based labs

MODULE 3 - Enumeration

  • Extracting Important Information
  • Practical scenario based labs

MODULE 4 - Remote Information Services

  • DNS
  • NTP
  • SNMP
  • RPC
  • Practical scenario based labs

MODULE 5 - Assessing Remote Access Services

  • FTP
  • SSH
  • Telnet
  • R-Services
  • VNC
  • X11
  • SMTP
  • Practical scenario based labs

MODULE 6 - Assessing Web Technologies

  • Web Server Fingerprinting
  • Enumerating Web Applications
  • Types of Web Application Vulnerabilities (SQLi, XSS, LFI, Directory Traversal)
  • Testing for Web Application Vulnerabilities
  • Web Application Exploitation
  • Practical scenario based labs

MODULE 7 - Assessing Windows Services

  • RPC
  • NetBIOS
  • SMB
  • RDP
  • LDAP
  • Practical scenario based labs

MODULE 8 - Assessing Passwords

  • What is a Password Attack?
  • Linux Password cracking
  • Windows Password Cracking
  • Practical scenario based labs

MODULE 9 - Assessing Databases

  • Practical scenario based labs