There are two schools of thought when it comes to advanced penetration testing: 1) becoming an expert of tools and methods and 2) becoming an expert of the vulnerabilities and exploit code. Both are valid pursuits intellectually and professionally, and they are not necessarily mutually exclusive. But diving into exploit code clearly requires knowledge of programming.
Since the question stated that you are more interested in knowledge than a certificate/certification, one course popped into my head immediately. I would recommend the InfoSec Institute's Advanced Ethical Hacking Course taught by Jack Koziol. In the course he not only covers the tools and methods such as SQL Injection, sniffing SSL encrypted sessions and Metasploit, but he also covers the code end of the equation with reverse engineering and writing your own exploit code. In addition, there is an option to sit for the Certified Expert Penetration Tester (CEPT) exam (not to be confused with the more well known cert from Mile2 CPTE), but the CEPT barely registers a blip on the security credential scene, so this is completely optional. If knowledge is your reward, Jack is your man.
This was first published in November 2006