5-Day Instructor-Led Programme
he XEHP Certification Programme is the practitioner standard for ethical hackers who demonstrate real offensive capability across network, web, cloud, and active directory environments. Assessed on Day 10 by a senior practitioner through a supervised simulated engagement — no MCQs, no exam anxiety, no question bank.
Duration
5 Days
Price
$7,495
Modern organisations face adversaries who do not follow a textbook. The penetration tester who can only replicate study guide content is not the practitioner organisations need. XEHP is built for professionals who want to demonstrate genuine offensive capability — methodically, ethically, and professionally — across the full attack surface of a modern enterprise.
Across ten instructor-led days, participants build competency across the complete penetration testing lifecycle: from OSINT and reconnaissance through network infrastructure exploitation, active directory attacks, web and API testing, cloud penetration, container security, advanced evasion, and professional engagement reporting. CEH v13 covers 20 modules across 5 days then sends candidates alone to an MCQ exam. XEHP puts a senior practitioner in the room for all 10 days and evaluates actual work on Day 10.
On Day 10, participants conduct a scoped simulated engagement against a realistic enterprise target. The senior practitioner observes methodology, tooling decisions, and report quality. A Practitioner Assessment Report is issued alongside the XEHP certificate. Aligned with PTES, MITRE ATT&CK v14, OWASP Top 10 2025, NCSC CHECK methodology, NIST SP 800-115, and DoD 8140.
Live lab engagements every day: network scanning, active directory exploitation, web application and API hacking, cloud misconfiguration testing, container escapes, and evasion against defensive tooling.
Mentor-led sessions mapping real adversary tradecraft to MITRE ATT&CK v14, covering professional engagement report writing, CVSS risk rating, and executive communication of findings.
Demonstrate practitioner-level offensive security capability across network, web, cloud, and AD environments — evidenced by a signed Practitioner Assessment Report.
Design and execute structured penetration testing engagements using PTES and NIST SP 800-115 from scoping through reporting
Exploit network infrastructure, active directory environments, web applications, and APIs using current offensive tooling
Implement AD attack techniques including Kerberoasting, Pass-the-Hash, DCSync, and lateral movement in authorised environments
Assess cloud platform misconfigurations across AWS, Azure, and GCP using cloud-native offensive tools
Produce professional penetration testing reports with executive summaries, CVSS-rated findings, and remediation recommendations
Communicate engagement findings clearly to both technical teams and non-technical leadership
Minimum 12 months in an IT or security role with hands-on technical exposure to networks and systems
Working knowledge of TCP/IP networking, Windows and Linux operating systems
Basic familiarity with at least one scripting language: Python, Bash, or PowerShell
Organized by professional domains with comprehensive coverage
Master these in-demand skills through hands-on practice
A clear view of the roles this programme supports, what typically comes next, and where learners progress over time
Typical next step: XART (Advanced Red Team Practitioner) for adversary simulation depth, or XAIHP for AI offensive capability.
Choose the learning format that works best for you and your team
Instructor-Led Training
Join live instructor-led sessions from anywhere. Interactive, engaging, and flexible.
Price per person
Group enrolments and early planning options available.
Custom quotes for teams and organisations
We come to you. Training delivered at your workplace for teams of 6 or more.
Custom pricing based on:
No obligation. Response within 1 business day.
Classroom training at a professional venue. Ideal for focused, immersive learning.
Custom pricing based on:
No obligation. Response within 1 business day.
Combine online and in-person learning for maximum flexibility and impact.
Timeline tailored to learner availability
Custom pricing based on:
No obligation. Response within 1 business day.
All prices are exclusive of VAT where applicable. Group enrolments and custom packages available on request.
Not everyone learns best in a group. If you want focused guidance, faster clarity, and confidence you can use on the job, our 1-to-1 Fast-Track Training gives you private, mentor-led support tailored to your experience and goals.
"Many learners choose 1-to-1 when they want understanding, not memorisation."
Credential
On successful completion of XEHP — Xcademia Ethical Hacker Practitioner , learners receive an Xcademia Certificate of Completion. This standalone certificate is issued directly by Xcademia and recognised by employers across the UK defence and security sector.
Everything you need to know about the certification exams
You will receive an Xcademia certificate of completion based on participation and successful completion of labs and scenario simulations.
Everything you need to know about this course
CEH v13 is 5 days training followed by 125 multiple choice questions. XEHP is 10 instructor-led days ending in a supervised real engagement on Day 10. The practitioner observes your methodology and produces a signed assessment report. Employers see what you demonstrated , not a percentage score. CEH costs over $2,800 with renewal fees every 3 years. XEHP is one price, all in, permanently yours.
Take the next step in your professional development