Skip to main content
AI-FocusedNewCyberLive

GIAC Offensive AI Analyst (GOAA)

Practitioner Certification
GIAC Offensive AI Analyst (GOAA)
Register nowRenew
Jump to:

The GIAC Offensive AI Analyst (GOAA) certification validates ability to apply practical, real-world offensive artificial intelligence techniques to modern cybersecurity challenges.

Certified professionals prove their proficiency in applying advanced tactics such as deepfake-enabled phishing, automated vulnerability discovery, and AI-driven attack simulations to emulate sophisticated adversaries.

Areas Covered

  • AI-powered reconnaissance & OSINT automation
  • AI-aided vulnerability discovery, patch diffing, and exploit generation
  • Malware development with AI
  • Bypassing security controls and guardrails
  • Designing and deploying AI-driven phishing
  • Legal, ethical, and OPSEC considerations

Who is GOAA for?

  • SOC & incident response analysts
  • Red team & penetration testers
  • National security & law enforcement analysts
  • Security consultants & risk managers
  • Security Engineers and Architects
  • Security managers
  • AI and machine-learning enthusiasts

CyberLive: Real labs. Real tools. Real skills.

CyberLive is a hands-on exam format that replaces traditional multiple-choice testing with performance-based challenges in realistic lab environments to validate real-world capability.

Virtual Machines:

Full-scale lab systems that behave like physical computers: install, attack, defend, and run services.

Real Security Tools:

Exact tools used by professionals every day including all the quirks and challenges

Authentic Code:

Real code, real exploits, real impacts

Learn more about CyberLive

Instructor Testimonial

Instructor Testimonial

Offensive AI began as an effort to teach security professionals the offensive AI methodologies that adversaries are actively using, from automated exploitation workflows to AI powered malware campaigns. Seeing this work formalized as the GIAC Offensive AI Analyst (GOAA) certification validates the critical need for standardized competencies in this domain. What makes this particularly significant is that it's the first GIAC certification designed around a three-day format, allowing us to maintain the depth and rigor GIAC is known for while delivering focused, actionable expertise that practitioners can immediately apply in their security operations. The gap between AI-enhanced attackers and traditional defenders is widening, and earning this certification proves you've closed it.

Foster NethercottSANS Course Instructor

Exam Format

  • 1 proctored exam
  • 56 questions
  • 2 hours
  • Minimum passing score of 67%

Note: GIAC periodically reviews and may update certification specifications to ensure fairness, validity, and reliability. Using a psychometric standard-setting study, GIAC has set the passing score for the GOAA exam at 67% for all candidates who receive the exam version released on or after January 27, 2026.

To confirm the exam format and passing score that apply to your specific attempt, please refer to the Certification Information section of your GIAC account: https://exams.giac.org/pages/attempts.

Certification Delivery

GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.

NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.

Woman Staring at Tablet

Exam Certification Objectives & Outcome Statements

  • Artificial Intelligence FundamentalsCandidates will demonstrate an understanding of core AI concepts—natural-language processing (NLP); generative techniques such as generative adversarial networks (GAN) and retrieval-augmented generation (RAG); vector databases; and custom GPTs/assistants. They will distinguish between adversarial and offensive AI and show familiarity with both commercial and open-source AI platforms.
  • Audio, Image, and Video DeepfakesCandidates will demonstrate an understanding of tools and techniques for creating audio, image, and video deepfakes for social-engineering attacks, including the key components—e.g., speech elements—needed to produce convincing content.
  • Bypassing Defensive ControlsCandidates will explain techniques for evading defensive controls, describe Windows Defender architecture and its exploitable components, and apply AI models to achieve effective defense bypass.
  • Creating Malicious Software with AICandidates will demonstrate understanding of how AI models can be used to generate malware samples for ethical penetration-testing use and craft prompts that bypass large-language-model security guardrails.
  • Creating Phishing Emails with AICandidates will demonstrate an understanding of tools such as GoPhish and the Social Engineering Toolkit (SET) and apply prompt-engineering techniques to craft high-quality phishing emails.
  • Malware FundamentalsCandidates will demonstrate an understanding of malware fundamentals—payloads, exploits, propagation vectors, droppers, and downloaders—and explain common persistence, anti-detection and anti-analysis mechanisms.
  • Network Scanning and Vulnerability DetectionCandidates will demonstrate an understanding of network-enumeration and vulnerability-scanning methodologies and tools, and integrate scan outputs into AI-agent workflows to identify and contextualize vulnerabilities.
  • Social Engineering FundamentalsCandidates will demonstrate an understanding of social-engineering attack surfaces, objectives, and psychology in penetration testing, and articulate the associated legal and ethical considerations.
  • Using AI for OSINTCandidates will demonstrate an understanding of the reconnaissance phase of penetration testing, apply AI safely and ethically during OSINT activities, and identify common OSINT data-gathering tools.
  • Using AI for Web ExploitationCandidates will demonstrate an understanding of how AI-powered tools can be leveraged to streamline workflow and execute precise web-application attacks, including SQL-injection and command-injection techniques.

Practice Tests

  • Practice exams are a simulation of the real exam, allowing you to become familiar with the test engine and style of questions
  • Practice exams can serve as a gauge to determine if your preparation methods are sufficient
  • The bank of practice questions is limited, so you may encounter the same question on multiple practice tests
  • Practice exams never include actual exam questions
  • Purchase a GOAA practice test here

How To Prepare

Other Resources

  • Training is available  in a variety of modalities including live training and OnDemand
  • Practical work experience can help ensure that you have mastered the skills necessary for certification
  • College level courses or self-paced study through other programs or materials may meet the needs for mastery
  • Understand the procedure to contest exam results

Find Affiliate Training

Explore affiliate training options to prepare for your GIAC certification exam.

Find Training Now

Subscribe to GIAC’s Monthly Newsletter

Receive expert insights, priority access to certifications, essential updates on regulatory changes and industry developments.