SANS Penetration Testing: Tag - Challenges

SANS Penetration Testing:

2015 SANS Pen Test HackFest Twitter Contest

Hey folks... check this out!

We're delighted to announce a Twitter-based contest here with a fantastic prize. And, participating in this one is really easy.

On November 16th through 23rd, SANS will be running our third annual Pen Test HackFest Summit and Training event in Washington DC. We throw everything we've got into this extra special event, including:

  • Two days of amazing,in-depth talksby leading minds of the industry, who will give you insight into the offensive tools and tactics being used today to discover an organization's vulnerabilities to potential adversaries.

  • Six days of training, with six different classes to choose from.

  • Three nights of NetWars Tournament challenges for hands-on fun and

Traffic Lights and Modbus/TCP A SEC562 CyberCity Hacking Adventure

By Joshua Wright


When the Counter Hack team started building the SEC562: CyberCity Hands-on Kinetic Cyber Range class, I knew I wanted to develop a mission that involved the Industrial Control protocol Modbus/TCP and traffic lights. Because CyberCity is 1:87 scale, I needed to build my own traffic light controller using Modbus/TCP with model-sized traffic lights, and connect them to a Modbus/TCP powered controller.

Traffic light

Part of our goals in writing the SEC562 course is to


SANS Orlando 2015 Brochure Challenge Answers and Winner

By Mark Baggett

Hello Security Pros!

Many of you have noticed that SANS has included a challenge in this year's brochure for the Orlando conference. We had 79 people submit correct answers to the puzzle. From those names, we chose one name as the grand prize winner and that grand prize winner will receive four months of NetWars Continuous!

Without further ado, here are the results...



The winner of the challenge is...Paolo Balzarini. Congratulations Paolo! And congratulations to all who were able to come up with the answers as well as a big thank you to everyone who participated.

Solution write up:

The puzzle is solved in three parts. There are many ways you could solve different portions of ...

SANS 2015 Shmoo Challenge Winners and Official Answer

by Jeff McJunkin

Greetings! Those of you who attended ShmooCon this year may have noticed a challenge from SANS included in your Shmoo bags. If you didn't attend and you want to walk through the challenge yourself for some fun, I'd recommend you look at the challenge description and avoid reading the official write-up at the end of this post until you've looked at the challenge itself.

We're always excited to see the new ways our participants will solve our challenges, and the Shmoo crowd certainly didn't disappoint! We had lots of great entries which were a pleasure to read through.

As written in the original description, the first ten participants who solved the challenge will receive a free SANS NetWars t-shirt. If you see your name below, you will also have an email sent to orchestrate the details of getting your prize to you.

Accordingly, here are those ten winners!

1. Annah


2014 SANS Holiday Hack Winners and Official Answers

[Editor's Note: Every year for eleven seasons now, SANS creates a Holiday Hack challenge for you to build your skills with real-world infosec tools and techniques, all the while having some good holiday-inspired fun, for everyone to participate in, no charge at all. If you haven't checked out our most recent SANS Holiday Hack Challenge, you should definitely read through it. This years' challenge was written by Ed Skoudis and Josh Wright, with support from Tom Hessman and the vocal stylings of James Lyne. We'll keep the challenge itself, the target servers, and the file system image available for as long as possible, so you can continue to work through it, either on your own, or referencing the official answers cited below. Have fun!!! Following immediately below is our official announcement of winners and answers. --Ed.]

Lynn Cratchit emerged from the rather toasty