SANS Penetration Testing

EXTRA EXTRA! The New SANS Pen Test Poster

Extra! Extra! Read all about it! This week, many of you will be receiving our brand-spankin' new SANS Pen Test Poster in the mail. Please be on the lookout, because it's got some really cool stuff on attack surfaces, tools, and techniques. It's included in the mailing with the SANS Security West brochure.


The poster is chock full of some really nifty pen test advice from some of the best pen testers I know, including:

Tim Medin
Seth Misenar
Larry Pesce
Justin Searle
Steve Sims
John Strand
Josh Wright

The poster includes several sections. On one side, we've got a description of the SANS Pen Test Coins (collect all eleven!), an overview of the SANS Pen Test Curriculum, and a super updated version of the Pen Test Practice Lab Mind Map created by Aman Hardikar .M, with pointers to all kinds of great exploitable distributions and "hack-this-site" targets for you to practice and build your skills. Aman's mind maps are simply fantastic.

2015 Poster Side 1

The reverse side includes a view of different attack surfaces in a given example target enterprise, and all the different methods, tools, and techniques pen testers can apply against such target infrastructures. We've got a couple of views of network pen testing, an approach to wireless pen testing, some web app pen testing details, and a really cool view of mobile device and infrastructure pen testing. Each one provides a step-by-step approach to penetrating the target organization, with a list of each tool used along the way.

2015 Poster Side 2

So, you might be wondering... how can I get a poster? Well, like I mentioned above, we've dropped them in the mail to many people along with the SANS Security West (San Diego) brochure. If you don't get one in the mail, we'll have some on-hand at upcoming SANS events, and we'd be delighted to hand you one there. Alternatively, if you can't make it and just want to download a high-res copy, please click here.

If you want a printed version but didn't receive one in the mail, please reach out to me in the comment section below, and I'll be in touch.

I really do hope you enjoy the posters, and I'm really grateful for all the hard work of the SANS Pen Test Instructor team who provided such great input on this one.

Have fun pen testing all the things!!!

Thank you-


Upcoming SANS Special Event - 2018 Holiday Hack Challenge


SANS Holiday Hack Challenge - KringleCon 2018

  • Free SANS Online Capture-the-Flag Challenge
  • Our annual gift to the entire Information Security Industry
  • Designed for novice to advanced InfoSec professionals
  • Fun for the whole family!!
  • Build and hone your skills in a fun and festive roleplaying like video game, by the makers of SANS NetWars
  • Learn more:
  • Play previous versions from free 24/7/365:

Player Feedback!

  • "On to level 4 of the #holidayhackchallenge. Thanks again @edskoudis / @SANSPenTest team." - @mikehodges
  • "#SANSHolidayHack Confession — I have never used python or scapy before. I got started with both today because of this game! Yay!" - @tww2b
  • "Happiness is watching my 12 yo meet @edskoudis at the end of #SANSHolidayHack quest. Now the gnomes #ProudHackerPapa" - @dnlongen


Posted May 5, 2016 at 12:22 PM | Permalink | Reply


Thanks for this poster! I recently attended CyberCity at CyberShield 2016 and picked up this poster. Awesome info''"thanks! And thanks to the SANS crew that ran the event''"top notch.

Posted May 30, 2016 at 1:33 PM | Permalink | Reply

Patrick Diebold

I'd really like to get a copy of your Pentesting Poster!
Best Regards,

Posted February 6, 2017 at 2:39 AM | Permalink | Reply

John Shields

Thanks Ed and Crew! The posters that have been coming with the catalogs the past few months have been great reference tools! Keep up the great work.

Posted February 6, 2017 at 3:07 PM | Permalink | Reply

Ed Skoudis

Thanks so much! A ton of people work so hard on the posters. I'm so thankful to work with them on this stuff, and am delighted to hear that it helps you, John!

Post a Comment


* Indicates a required field.