SANS Penetration Testing

Pen-Test-A-Go-Go: Integrating Mobile and Network Attacks for In-Depth Pwnage

Josh Wright and I presented a webcast a few months back that is chock full of useful pen testing techniques from the mobile and network arenas. Based on the new SANS course, SEC561: Intense Hands-on Skill Development for Pen Testers, this webcast covers numerous useful techniques, such as:

  • Exploiting and automating data harvesting from iOS devices
  • Extracting stored secrets from iTunes backups
  • Effective Anti Virus evasion with Veil
  • Windows host compromise and privilege escalation, along with UAC bypass

The slides below cover all the tools and techniques for doing all that great stuff, and more.

The SANS SEC 561 course is 80% hands-on skill development, showing how security personnel such as penetration testers, vulnerability assessment personnel, and auditors can leverage in-depth techniques to get powerful results in every one of their projects. This innovative course uses the SANS NetWars system to help hammer home lessons in a fun and interactive way to foster in-depth knowledge and capability development.

Take a look at the webcast slides by clicking on the title slide below. Or, if you'd like to hear the sonorous voice of Mr. Josh Wright himself (along with me), click here for the full webcast:

Have fun!

-Ed Skoudis

p.s.: If you want to build your skills to get ready for SEC561, you should definitely check out my SANS SEC560 course on Network Pen Testing. I'm really looking forward to teaching 560 in March in Baltimore, April in Orlando, and May/June online via vLive. For the follow-on course, SEC561, SANS will offer it next in Orlando in April. You should check 'em both out.


Posted February 13, 2014 at 4:39 PM | Permalink | Reply


I missed the webcast and wanted to watch it, but when I when to the SANs webcast archive and registered it says "There is currently no recording available for this webcast".

Posted February 13, 2014 at 6:44 PM | Permalink | Reply

Ed Skoudis

The slides are still available, and are helpful. Unfortunately, SANS no longer makes the recording available.

Post a Comment


* Indicates a required field.