SANS Penetration Testing

SANS HackFest Twitter Contest!

We're delighted to announce a new Twitter-based contest here with a fantastic prize. And, participating in this one is really easy. Check it out! SANS Pen Test HackFest Summit & Training is coming back for another year of exciting hands-on learning opportunities in Crystal City, VA, November 2-9! We throw everything we've got into … Continue reading SANS HackFest Twitter Contest!


Azure 0day Cross-Site Scripting with Sandbox Escape

[Editor's Note: Chris Dale is an amazing gentleman. He finds Cross-Site Scripting (XSS) flaws in the most interesting and wonderful places. In this article, Chrisshares some insights into his methods and how he applied them in finding a zero-day XSS flaw associated with Microsoft Asure. Good reading! -Ed.] By Chris Dale Earlier in 2016, I … Continue reading Azure 0day Cross-Site Scripting with Sandbox Escape


iOS 10 is Apple's Gift to Android Users

How the latest update to iOS 10 will dramatically improve Android security At the Apple WWDC conference in June, Ivan Krstic, Apple Head of Security Engineering & Architecture, made a bold declaration: "At the end of 2016, Apple will make ATS mandatory for all developers who hope to submit their apps to the App Store." … Continue reading iOS 10 is Apple's Gift to Android Users


Python Cheat Sheet - pyWars (SEC573)

by: Mark Baggett Python skills are incredibly useful for all kinds of information security personnel, from pen testers to cyber defenders to forensics pros. With so many tools written in Python and so many Python libraries to work magic in just a few lines of code, I wrote a course (SANS SEC573) on how to … Continue reading Python Cheat Sheet - pyWars (SEC573)


SANS PowerShell Cheat Sheet from SEC560 Course

by Ed Skoudis PowerShell really is amazing, and comes in handy for all kinds of infosec tasks, from defense to analysis to offense. In my SANS Security 560 course, we cover PowerShell as a post-exploitation language, with all kinds of nifty tips and tricks for using it. When I teach the class, though, I notice … Continue reading SANS PowerShell Cheat Sheet from SEC560 Course