Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Tag Archives: GPEN

New Advanced Penetration Testing Class from SANS

Back in 2008, SANS released their Network Penetration Testing and Ethical Hacking class (SEC560). At the time it was listed as “SANS Security 560 is one of the most technically rigorous courses offered by the SANS Institute”. I had the pleasure of taking the class with John Strand back in 2008 and it was a great class, with a lot of great pointers for a penetration tester getting into the business. It was certainly head and shoulders above the other classes on offer.

Since then, the industry has been all about certification. New certs and classes have popped up all over the place. Just over 2 years later, and SANS have just released their new Advanced Penetration Testing, Exploits, and Ethical Hacking class (SEC660). Incorporating new techniques that build on the previous class. The new class will be given boot camp style (with evening sessions), to maximize the content.

SANS will be running the SEC660 class with Stephen Sims at the December SANS London event… Make sure to book early, if the SEC560 class is anything to go by, then this ones going to be popular!

Links :

GIAC GPEN Certified

So I never did have a chance to update my blog after my GPEN exam. As you can see by the title I passed the exam, so all is good with the world. I’m talking to SANS at the moment about working as part of their Mentor team and doing some training (or Mentoring) in Vienna at some point. I’ll hopefully flesh out the details on this at some point in December as I’m in London at the SANS London ’08 training sessions helping out with the Sec:540 VOIP and Sec:542 Web-Application Penetration testing courses.

If you’re headed to London for the SANS classes let me know….

SANS: Last prep exam, done and done

So, I finally got a chance to sit down for a few hours and finish the last of my 2 free prep exams from GIAC/SANS. Overall I’m happy with the results, but a little annoyed at a couple of the questions I missed. It’s always the easy ones that I tend to get wrong. I usually catch them as I run through the answers before clicking the dreaded APPLY or COMMIT buttons. SANS however doesn’t allow this and as soon as you answer, you’ve answered. Still, just means I need to spend a few more seconds re-reading each question and answer to make sure I’m not being a moron again.

Hopefully I’ll be taking the full test this week sometime and I’ll let you know what the results are. I’m aiming for over 90% so I can have the chance to work as a SANS Mentor in the future…. but I’ll settle for more if IO can get it.

Always aim for 100%.. at least that’s what I do 😉 Wish me luck….

SEC:560 preparations

Well I finally set aside some time to complete my first allocated practice test for the SANS SEC:560 course that I took a few months back. I’m not that happy with the final result. Then again I’m aiming for over 90% so that I can look at working in the SANS mentor program in the future. So have to set the sights high and hope for luck on the day.

The final result on the practice test was 87.33% so with a little more thinking before I start with the clicking and all should be fine. To be honest it’s not as hard as I thought it would be. Then again, I’ve studied hard for this, so maybe it’s just in my head. Good course overall, and definitely better then anything the EC-Council guys have to offer. The books alone are a masterpiece.

Next steps: A week reviewing my failures and what I missed in the exam. Then back to the second and last practice test…. repeat, recycle and go for the real thing at last. I need the exam out of the way so I can concentrate on my German classes a little more.