SANS Penetration Testing: Category - Presentations

So You Wanna Be a Pen Tester? 3 Paths To Consider (Updated)

Tips for Entering the Penetration Testing Field By Ed Skoudis It's an exciting time to be a professional penetration tester. As malicious computer attackers amp up the number and magnitude of their breaches, the information security industry needs an enormous amount of help in proactively finding and resolving vulnerabilities. Penetration testers who are able to … Continue reading So You Wanna Be a Pen Tester? 3 Paths To Consider (Updated)


Pen Test Hackfest Talks - Some GREAT Reads

A couple weeks ago, we held our annual SANS Pen Test Hackfest, a really wonderful event where we run 3 nights of NetWars challenges, 1 night of CyberCity missions, Coin-a-palooza (where attendees can earn SANS Pen Test Coins for classes they've taken before), and much more. This year, we even went on a field trip … Continue reading Pen Test Hackfest Talks - Some GREAT Reads


How Not to Fail at a Pen Test: Slides and Stream

Earlier this week, John Strand presented a fantastic webcast that was chock full of pen test tips. This post contains the slides as well as a link to the streaming slides and webcast audio. Here's the description of the talk: In this presentation, John and Ed will cover some key components that many penetration tests … Continue reading How Not to Fail at a Pen Test: Slides and Stream


Demanding MOAR From Your Vulnerability Assessments and Pen Tests - Slides and Link

A few weeks ago, I did a presentation on Demanding MOAR from Your Vulnerability Assessments & Pen Tests. I'd like to share the slides with you now. The presentation is full of tips, some easy and others more complex, for providing extra value in vuln assessment and pen test work. Here's the official description of … Continue reading Demanding MOAR From Your Vulnerability Assessments and Pen Tests - Slides and Link


Pen-Test-A-Go-Go: Integrating Mobile and Network Attacks for In-Depth Pwnage

Josh Wright and I presented a webcast a few months back that is chock full of useful pen testing techniques from the mobile and network arenas. Based on the new SANS course, SEC561: Intense Hands-on Skill Development for Pen Testers, this webcast covers numerous useful techniques, such as: Exploiting and automating data harvesting from iOS … Continue reading Pen-Test-A-Go-Go: Integrating Mobile and Network Attacks for In-Depth Pwnage