As a certified SAC-I you have proven the following competencies:


  • Development of own methodology
  • Preparation of structured and detailed documentation
  • Strong analytical and creative thinking skills
  • Linux & Windows Administration
  • Manual & automatic vulnerability identification and analysis
  • Manual and automatic exploitation
  • Open Source Intelligence (OSINT)
  • Information analysis
  • Profiling
  • Phishing
  • Password Attacks
  • Project management
  • Professional Documentation & Presentation
  • Compilation
  • Linux (Ubuntu, Kali, Debian)
  • Windows (XP up to Windows Server 2019)
  • Web server (Apache, Python, IIS)
  • Databases (MySQL, PostgreSQL, MSSQL)
  • Domain Name Systems (DNS)
  • Mail Services (POP3, IMAP, SMTP)
  • Manipulation of Network Traffic
  • OSI Model & TCP/IP in-depth
  • Penetration Testing Execution Standard (PTES)
  • Open Source Security Testing Methodology Manual (OSSTMM)
  • OWASP Top 10 (2017)
  • GNU Debugger (GDB)
  • Bash
  • Python
  • Perl
  • Ruby
  • PowerShell
  • C/C++
  • PHP
  • JavaScript
  • Java
  • Assembler

Certification Process

The certification process is divided into 4 phases. In each of these phases, you have a maximum number of points you can collect.

A maximum of 100 points can be collected. To pass the exam, you have to collect at least 80 points.


Phase 1 – Course material


The first phase deals with the course material.


During the study, the student has to complete exercises that earn them points.

To achieve the full score of 30 points in this phase, the student must complete

at least 60 exercises.

These tasks require creativity for problem-solving and a strong

personal commitment.

Phase 2 – Lab Environment


In this phase, the student can collect a maximum of 40 points.

The next step for the student is to build their local network environment

on which they perform a full penetration test.

The student gets 5 points for only one access with the privileges of a user and

another 5 points for only one access with privileges of an administrator

for each system.



Phase 3 – Live Presentation


Once the Lab Environment has been set up, and the reports have been written,

the student must demonstrate the full penetration test live in a

60-minute presentation via the screen-sharing session.

During the presentation, the points will be awarded according to three criteria:

  1. Content and complexity
  2. Logical and clear methodology
  3. Presentation method

A maximum of 10 points can be achieved for each criterion.

In total, the student can reach a maximum of 30 points in this phase.


Phase 4 – Rank (Bonus)

This phase is about the bonus points that the student can collect.

When the students reach the rank “Script Kiddie” on the HackTheBox Platform, they will receive an additional 5 points

Also, if they have reached the rank “Hacker”, they will receive another 5 points.


A maximum of 10 points can be earned at this phase.





SAC-I Certification