Course Description

The ECSA program offers a seamless learning progress continuing where the CEH program left off.

The new ECSAv10 includes updated curricula and an industry recognized comprehensive step-bystep penetration testing methodology. This allows a learner to elevate their ability in applying new skills learned through intensive practical labs and challenges.

Unlike most other pen testing programs that only follow a generic kill chain methodology; the ECSA presents a set of distinguishable comprehensive methodologies that are able to cover different pentesting requirements across different verticals.

It is a highly interactive, comprehensive, standards based, intensive 5-days training program that teaches information security professionals how professional real-life penetration testing are conducted.


This course is a part of the VAPT Track of EC-Council. This is a “Professional” level course, with the Certified Ethical Hacker being the “Core” and the Licensed Penetration Tester being the “Master” level certification.

In the new ECSAv10 course, students that passes the knowledge exam are given an option to pursue a fully practical exam that provides an avenue for them to test their skills, earning them the ECSA (Practical) credential. This new credential allows employers to validate easily the skills of the student.


Ethical Hackers, Penetration Testers, Security Analysts, Security Engineers, Network Server Administrators, Firewall Administrators, Security Testers, System Administrators, and Risk Assessment Professionals.

5 days (9am – 5pm)
Minimum 40 hours

The ECSA exam aims to test a candidate’s knowledge and application of critical penetration testing methodologies. Candidates that successfully pass the multiple-choice exam will be awarded the ECSA credential. As a powerful addition to the ECSA exam, the new ECSA (Practical) exam is now available adding even more value to the ECSA certification.

Attend offical training via an EC-Council accedited training channel, or

• Possess a minimum of 2 years of working experience in a related InfoSec domain

Course outline

  • Introduction to Penetration Testing and Methodologies
  • Penetration Testing Scoping and Engagement Methodology
  • Open Source Intelligence (OSINT) Methodology
  • Social Engineering Penetration Testing Methodology
  • Network Penetration Testing Methodology - External
  • Network Penetration Testing Methodology - Internal
  • Network Penetration Testing Methodology - Perimeter Devices
  • Web Application Penetration Testing Methodology
  • Database Penetration Testing Methodology
  • Wireless Penetration Testing Methodology
  • Cloud Penetration Testing Methodology
  • Report Writing and Post Testing Actions

Information about the course and the exam

What is ECSA?

The ECSA pen-testing program takes the

tools & techniques you learned in the

Certified Ethical Hacker course &

teaches exploitation skills by applying the

skills learned in C|EH & utilizing EC-Council’s

published penetration testing methodology

Course Content

Students will receive their study kit

consisting of physcial & digital courseware,

iLabs code. iLabs will be used to complete

classroom training sessions. Students will

work with the instructor to review the tools

& learn how to apply them to the iLabs

Cyber Range.

Who’s It For?

What’s New in ECSA V10?

Course mapping

Exam Information

    EC-Council Certified Securit Analyst
    4 Hours
    ECC Exam Centre
    Multiple Choice

Contact us!