SANS Penetration Testing: Monthly Archives: Jun 2013

Getting the Most Out of DEF CON: Some Tips for First Timers

by Ed Skoudis Are ya going to DEF CON? Thousands of hackers, infosec pros, security researchers, curious newbies, reporters, and countless others will. I've had the honor of attending the world's biggest hacker conference for 13 of the past 14 years (I missed in 2011 because my wife needed big-time surgery'' she's doing great now, … Continue reading Getting the Most Out of DEF CON: Some Tips for First Timers


Announcing: the ULTIMATE SANS Pen Test Poster!

by Ed Skoudis I am super excited to announce the release of our brand-new SANS Ultimate Pen Test Poster! Three months in the making, this poster is chock full of tips, tricks, ideas, tools, resources, references, practice environments, and much much more, all focused on helping penetration testers and related security professionals excel in their … Continue reading Announcing: the ULTIMATE SANS Pen Test Poster!


Announcement: The Network Scanning Watch List

[Editor's Note: A recurring concern among penetration testers is that a scan may have an unexpected and seriously undesirable impact on some target devices. We've all heard stories about a simple TCP SYN scan killing this or that network device or SCADA system. Wouldn't it be cool if someone built and maintained a list of … Continue reading Announcement: The Network Scanning Watch List


Part 3: Quick and Useful Tricks for Analyzing Binaries for Pen Testers

[Editor's Note: In part 3 of this series on techniques penetration testers can use to analyze executable files, Yori Kvitchko takes a look at reverse compiling code, with specific tips for Python and Java. They are often chock full of useful stuff in pen testing, and Yori provides a bunch of helpful tips in teasing … Continue reading Part 3: Quick and Useful Tricks for Analyzing Binaries for Pen Testers


Call for Speakers: SANS Pen Test Hackfest Training Event and Summit

SANS Pen Test Hackfest Training Event and Summit Call For Speakers - NOW OPEN! Dates: Summit: November 7-8, 2013 Post-Summit Courses: November 9-14, 2013 Venue: The Dupont Circle Hotel 1500 New Hampshire Avenue NW Washington, D.C. 20036, USA (202) 483-6000 The SANS Pen Test Hackfest Training Event and Summit is an ideal way to take … Continue reading Call for Speakers: SANS Pen Test Hackfest Training Event and Summit


Invasion of the Network Snatchers: Part 2

[Editor's Note: In this follow-up article, Tim Medin continues the discussion of pen testing network devices via the Simple Network Management Protocol (SNMP). He provides really helpful hints and tidbits throughout! Please check it out. -Ed.] By Tim Medin In our last episode, we attacked network gear via SNMP. We scanned for SNMP-accessible devices. … Continue reading Invasion of the Network Snatchers: Part 2