Blog: SANS Penetration Testing

Blog: SANS Penetration Testing

Winner and Official Answer to 2014 SANS Network Security Brochure Challenge

By Jeff McJunkin

Ladies. Gentlemen. Tim Medin. May I have your attention please? I'm excited to say that the time to select our SANS Brochure Challenge winners has come! If you'll remember, we started this challenge back in late July and we did something very new - we made the challenge start from within the pages of the actual SANS brochures!

We had some FABULOUS write-ups submitted, and we'd like to thank everyone who took part in the challenge. I was happily surprised to see participants using so many ways to approach the pieces of the challenge. Many folk found even easier ways than what was intended!

So, without delaying any further, I'd like to introduce our categories and winners...

For the best technical write-up, after long consideration between the Counter Hack judges, we'd like to award Dave Lassalle with

...

Stuck on the #SANSBrochureChallenge? It's Ending Soon! Read inside for hints!

By Jeff McJunkin

(Haven't heard about the SANS Brochure Challenge? Catch up by reading here.)

As fun as it's been, the SANS Brochure Challenge will be ending next week, on October 27th. Once it ends, an esteemed panel of judges (including Ed Skoudis, Tim Medin, Tom Hessman, and Jeff McJunkin) and their dart-throwing monkeys will pore through all the submitted challenge write-ups and select our winners!

If you've already submitted your write-up, remember that you can update it at any point before the deadline passes! Just send another email to the same address, with the same subject line.

What can I win?


There are three ways to win this contest -- submit the *first* report, submit the best technical write-up, or win the random draw. Until the challenge closes on October 27th (any time zone, before midnight), the ...

Bypassing iOS Lock Screens: A Comprehensive Arsenal of Vulns

[Editor's Note: With last week's release of iOS 8, we enter a new era of security fixes and issues for Apple's flagship mobile operating system. But, even this latest version faces an issue that comes up regularly with iOS and other mobile operating systems: Lock Screen Bypass. In fact, there are dozens of different ways to bypass the Lock Screen on a device, each applicable to different versions and subversions of iOS. Thankfully, Raul Siles has inventoried a whole bunch of them in this article, providing a useful reference for penetration testers who need to show the risks associated with a given iOS feature or version number. Raul also offers tips for hardening iPhones and iPads against these kinds of attacks. Nifty stuff! --Ed.]

By Raul Siles

The iOS mobile platform has been subject to numerous lock screen bypass vulnerabilities across multiple versions. Although Apple strives to fix these vulnerabilities in various updates to iOS (

...

How Not to Fail at a Pen Test: Slides and Stream

Earlier this week, John Strand presented a fantastic webcast that was chock full of pen test tips. This post contains the slides as well as a link to the streaming slides and webcast audio.

Here's the description of the talk:

In this presentation, John and Ed will cover some key components that many penetration tests lack, including why it is important to get caught, why it is important to learn from real attackers, and how to gain access to organizations without sending a single exploit.

One of my favorite slides in the presentation is John's concluding Code of Ethics. Click on the image below to download all of John's slides.

Demanding MOAR From Your Vulnerability Assessments and Pen Tests - Slides and Link

A few weeks ago, I did a presentation on Demanding MOAR from Your Vulnerability Assessments & Pen Tests. I'd like to share the slides with you now. The presentation is full of tips, some easy and others more complex, for providing extra value in vuln assessment and pen test work.

Here's the official description of the talk:

You pay good money for your vulnerability assessments and penetration tests, right? But are you getting real business value from these projects? Do you ever get the sense that your assessors and pen testers are just phoning it in, checking off boxes, and not really properly helping you improve your security stance? In this lively presentation, Ed Skoudis will provide hugely valuable tips for getting the maximum business value out of your vulnerability assessments and pen tests. With specific recommendations for people procuring such projects as well as for testers themselves, this webcast is chock full of insights for effective scoping,

...