HackLab: Hands-on Hacking

How hackers work

Computer hacking is the practice of influencing computer hardware and software to accomplish a goal outside of their original purpose. A computer hacker is a person who identifies weaknesses and exploits them. Hacking is considered a complex activity. This course will explore the world of hacking and shed a light on how hackers work.

3 - 7 February 2020 | The Hague

Course objectives

This practical five-day course equips participants with hands-on black box, white box and grey box vulnerability testing. We will address testing of web applications, mobile applications, mobile devices, wireless security, host based and network based infrastructure.

The course takes the participants through the different stages of our proven methodology of information gathering, target selection and vulnerability identification and exploitation. Besides the methodology we will also discuss the different leading practices, such as OWASP and go into the different tools for vulnerability testing.  

  • Practical five-day course
  • Proven methodology of information gathering, target selection and vulnerability identification and exploitation
  • Discuss the different leading practices and go into the different tools for vulnerability testing


Course outline

Day 1
  • Introduction & Security Trends
  • Penetration testing methodology & External Infrastructure penetration test
  • Firewall security / Prevention systems
  • Physical security assessments and social engineering

Day 2

  • Recap & Infrastructure security tests
  • Infrastructure security tests continued
  • Host-based security test & Wireless security test
  • Wireless security test continued

Day 3

  • Recap & Security Architecture
  • Code review
  • OWASP top 10
  • Executing of a web application vulnerability assessment

Day 4

  • Recap & Mobile Applications and security
  • Security Operating Centres
  • Malware analysis / Incident response
  • Hacking game

Day 5

  • Recap & Interview the client
  • Vulnerability assessment execution
  • Reporting and presentation of the results
  • Evaluation and closing



The costs are € 2,500 ex VAT. Catering (lunch) and course materials are included in the price.


'Experienced and knowledgeable people, clear and deep explanation of all topics'

'The examples and challenges were good points, because they give a more explicit image of the theory that was thought' 

'The platform was great - Helpfull and friendly course instructors'

Date & location

This five-day course will be held on:

3 - 7 February 2020
The Hague

25 - 29 May 2020
The Hague

31 August - 4 September 2020
The Hague

26 - 30 October 2020
The Hague

This course starts at 9.00 a.m. and ends at 5.00 p.m.

Target group

  • Security managers
  • Application developers
  • IT professionals
  • IT auditors who have an interest in ‘Vulnerability Assessment’ and ’hacking’.

Participants of the course are expected to have a basic understanding of network, TCP/IP and Operating Systems (Windows and Linux).


The course will be given in English or Dutch, depending on the participants preferred language. The course material is in English.

Education Journey

When you followed HackLab: Hands-on Hacking, the next course that you can follow is the Red Team Operations. Also the HackLab: Malware Analysis.

HackLab: Red Team Operations.
Hacking is not exclusive to cyberspace, but can also be done in the physical world. How are these attacks performed? From gaining physical access to digitally exploiting systems without being noticed once you are in.

HackLab: Malware Analysis.
Malware stands for malicious software, scripts or code meant to aid an attacker to hack a system, keep control, steal information or to cause damage. Malware poses a large risk to an organization and having theoretical knowledge on this matter is not enough anymore. Hands-on experience is required on how to discover, analyse and fight malware and is a difficult task without the right knowledge and experience. During this hands-on course experience, participants will gain experience in the analysis of malware, from the initial approach of dissecting to the analysing of advanced malware. 

Permanent Education

Deloitte Academy is accredited by the NBA PE institution and has the NRTO label. This course qualifies for 30 PE hours. You can also register your PE-hours at the NOB or VRC.

For more information about our accreditation, we refer you to our Permanent Education page.


Until four weeks before the start of the course you may cancel your participation by email free of charge, or you may propose to attend on another date. Should you cancel within four weeks before the start of the course you will have to pay the full course fee.

In the event of insufficient participants we reserve the right to cancel the course at any time or move the date of the event. If so, you will be informed in due time.


Peter Rozier

Peter Rozier


Peter Rozier is a Manager in Deloitte’s Cyber Risk Advisory practice. He has over 10 years of experience in IT Security in various positions at Financial Institutions before rejoining Deloitte.   To t... More

Anneloes Geerts

Anneloes Geerts

Junior Manager

Anneloes Geerts is a Junior Manager in Deloitte’s Cyber Risk Advisory practice. She has over 4 years of experience in penetration testing, hacking and red teaming. These includes: infrastructure testi... More

Konstantinos Dimkas

Konstantinos Dimkas


Konstantinos is a penetration tester within the cyber team of Deloitte. His main focus is infrastructure and web/mobile application pentesting. Konstantinos also has experience in cyber crime as he ha... More