India's leading non-profit foundation advancing national cyber security and professional ethics at workplace

AICTE NEAT 2.0 approved

NSD Certified Penetration Tester (NCPT)


NSD Certified Penetration Tester certification is a recognized empanelment program for information security professionals with hands-on proven experience in vulnerability analysis and penetration testing.

The program is a foundation for many other job roles including Security Information and Event Management (SIEM), Computer Forensics, Web Application Security, ISO 27001 Compliance, PCI-DSS, Internal IT Security Audit etc. The course includes:

01  Video sessions

You get access to pre-recorded video sessions with detailed explanation of tools and methods

02  Live sessions

In addition, you also get trainer led sessions to better understand and cement your learning

03  Virtual Labs

Practice your skills in a safe environment with online virtual labs provided by Cyberange – Over 500+ Hands-on Labs!

04  Reading material

Get access to reading material, also in audio form for ease of learning and understanding

0 +
Hours of Live Sessions
0 +
Online Virtual Labs
0 +
Hours of Reading Material

browse our plans

Select a plan which best suits you and earn your National Security Database Certification

Diverse computer hacking shoot


If you are a beginner and would like to expand your knowledge of penetration testing, this plan is for you

Devastated female hacker after trying to hack a firewall


If you have a sound knowledge of linux based systems and would like to take your skillset to the next level, this plan is for you

Your Benefits


For all students who clear the Falcon level


Connect with the best minds in Infosec domain 

Fast-track Your Career

Certification from NSD means faster job opportunities

Interview Support

Get support for job interviews on successfully clearing the lab exams

Proven Skills

With 30 days of Virtual labs, you will have proven hands-on skills to handle your next big job

CPS Labs

Get training on the Cyber-Physical Systems based Smart City simulator on IoT and SCADA security

Course Content

Understanding the ethics and culture behind the motivation and behaviour of hackers and security researchers is essential to gain the right perspective in not only handling and anticipating security incidents but also respecting the effort of hackers in modernising and securing much of today’s technology. The domain tests a candidate’s knowledge on the current trend of hacker ethics and beliefs.

The candidate is expected to research on various hacker groups, their language, lingo used, broad activities etc. and understand their motivation. Depending on the exam paper, you may be asked to write a short essay of 300 words during the exam on this subject.

Running a business is not easy. With high capital costs, manpower costs and maintenance, most organizations focus on ensuring they are able to market and sell their services and products in a profitable manner. With thin profit margins, Information security and its associated costs is always the last aspect of investment.

Even as organizations do invest in Information security, there are multiple internal challenges of skilled manpower, limitations of resources, time consuming processes and funds. There is always an opportunity to make mistakes that can compromise the organization network and it’s sensitive information by a persistent attacker. The objective of this domain to make the candidate realise that it is always possible to hack any organization, no matter how big or small.

One of the most important skills for a penetration tester, detailed information gathering can often give insight and leads for hard-to-find deployed systems.

This domain, in the context of the examination focuses on candidate’s skill to plan and collect information about a target organization or its assets for effective use in further vulnerability analysis and penetration testing.

The candidate is tested on their knowledge for effectively using search engines such as BING, Google, Shodan etc and documenting their findings for further use.

From making a phone call to an unsuspecting employee for gathering sensitive information to sending a legitimate looking email to hack accounts, Social Engineering is one of the most successful techniques used by the attackers against their targets.

We look at how hackers exploit love, faith, belief, trust, anger, hatred, generosity etc. for their gains and advantage by social engineering.

Some of the questions expected in the lab exam include drafting an email to a target for gaining trust, crafting a phishing mail, approaches for using social media to gain credibility or proving their story to a possible victim etc.

Finding vulnerabilities in systems and compromising them is a key skill for a successful penetration tester. This can be done best by professionals who understand the systems and their workings in detail. The domain focusses on various offensive attacks to bypass systems security.

From the context examination, the candidate will be tested for technical competencies on using various offensive tools and their approach to compromise a system. Information Security professionals must constantly upgrade their knowledge in this domain.

Passwords are the basic form of protection used by network devices and systems for allowing access to resources. Each system or technology may employ a different approach for using and managing passwords for access control and hence a strong knowledge of various password hacking techniques is crucial for security professional conducting an assessment.

Some of the areas covered in this domain include use of steganography, rainbow tables, decrypting password hashes, using brute force techniques etc. The candidate may be assessed for their skills in using the right approach to gain passwords for a system in a limited time.

Malwares are the most prized weapons of attackers as they provide extraordinary capabilities in accessing infected systems and networks. With over a million new malware variants released every six months on the internet and a few dozen anti-virus companies to defend against them, the battle among the enterprise and the attackers is constantly increasing in complexity.

A good understanding of various malwares such as viruses, Trojans, worms, rootkits, botnets etc is essential to allow a professional in handling a compromised system. While use of malwares in a penetration testing assignment is unconventional, it should not be prohibited as it is the only way to test the effectiveness of deployed anti-measures.

The examination involves testing a candidate’s skill and knowledge of handling a malware and using them for effectively compromising systems.

Denial of service attack is the most common form of network attack used by attackers to voice their protest or take down an organization. As a penetration tester, it is important to test how vulnerable an asset or a network is from this attack. From the context of examination, a candidate may be tested for their knowledge of such attacks and countermeasures commonly used.

This domain also covers Web application security and the candidate is expected to be well versed with OWASP Top 10 attacks with hands-on experience. The examination includes detailed testing of skills in web application hacking and security.

This is the most advanced and important domain in examination. From using a remote exploit to a local exploit, the skill mostly allows the attacker to gain administrative access to the targeted system.

The examination includes testing of pivoting skills, using metasploit, compiling and running exploits, using zero days etc. The approach of the candidate in their choice of exploit and use is also ranked.

In this module, we focus on various methods of reporting and how to present the findings professionally to the senior management.

Recognized by NEAT 2.0, Ministry of Education

With over 20,00,000 jobs available in India alone, it is increasingly becoming difficult for companies to find good cybersecurity professionals. Organizations no longer want to trust professionals who become “ethical hackers” by simply passing an online objective-based exam, as they seldom have the real-world perspective and confidence to execute the job once given. Professionals with incomplete knowledge are not only putting their organization at risk, but also their Nation, as they handle sensitive projects impacting the economy of the country.

The National Security Database is the only not-for-profit program, well recognized and respected by various Corporate and Government organizations for its stringent process and hands-on lab exams for assessing the credibility of a professional.


Fully online hands-on Labs

Virtual Labs Demo

30-days access included!
Play Video

Instantly get pre-configured vulnerable systems in a network along with kali Linux in a private cloud for hands-on practical of topics.

Special offer for students

If you are a college/university student, fill out the form by clicking on the 'get started' button, upload your student id and avail discounts.



  • FOR AICTE College students Only
    INR 17,700
    (INR 15,000 + GST)

    For OTHERS
    INR 29,500
    (INR 25000 + GST)
  • Includes 2 Theory Exam Attempts
  • All features under Standard Plan


INR 53,100
  • (INR 45,000 + GST)
  • Includes 2 Lab Exam Attempts
  • All other features under Expert Plan

Need Help?


Find answers to all your questions about the course here

The online videos for both Standard and Expert plan are self-paced while the live sessions are conducted every month or alternate months

Standard program is meant for beginners with a basic knowledge of Linux while Expert is for people with sound knowledge of Kali Linux tools and theory

Yes, we have EMI options available for both Standard and Expert program. For more details, please write to

Training Dates



12:00 to 02:30 PM

  • 8th January
  • 9th January
  • 15th January
  • 16th January
  • 22nd January
  • 23rd January
  • 29th January
  • 30th January
EXAM – 30th January 2022



12:00 to 02:30 PM

  • 5th February
  • 6th February
  • 12th February
  • 13th February
  • 19th February
  • 20th February
  • 26th February
  • 27th February
EXAM – 27th February 2022




12:00 to 02:30 PM

  • 5th March
  • 6th March
  • 12th March
  • 13th March
  • 19th March
  • 20th March
  • 26th March
  • 27th March
EXAM – 27th March 2022

Exam dates for Falcon (Expert) level will be announced from time to time.