Extra! Extra! Read all about it! This week, many of you will be receiving our brand-spankin' new SANS Pen Test Poster in the mail. Please be on the lookout, because it's got some really cool stuff on attack surfaces, tools, and techniques. It's included in the mailing with the SANS Security West brochure.
The poster is chock full of some really nifty pen test advice from some of the best pen testers I know, including:
The poster includes several sections. On one side, we've got a description of the SANS Pen Test Coins (collect all eleven!), an overview of the SANS Pen Test Curriculum, and a super updated version of the Pen Test Practice Lab Mind Map created by Aman Hardikar .M, with pointers to all kinds of great exploitable distributions and "hack-this-site" targets for you to practice and build your skills. Aman's mind maps are simply fantastic.
The reverse side includes a view of different attack surfaces in a given example target enterprise, and all the different methods, tools, and techniques pen testers can apply against such target infrastructures. We've got a couple of views of network pen testing, an approach to wireless pen testing, some web app pen testing details, and a really cool view of mobile device and infrastructure pen testing. Each one provides a step-by-step approach to penetrating the target organization, with a list of each tool used along the way.
So, you might be wondering... how can I get a poster? Well, like I mentioned above, we've dropped them in the mail to many people along with the SANS Security West (San Diego) brochure. If you don't get one in the mail, we'll have some on-hand at upcoming SANS events, and we'd be delighted to hand you one there. Alternatively, if you can't make it and just want to download a high-res copy, please click here.
If you want a printed version but didn't receive one in the mail, please reach out to me in the comment section below, and I'll be in touch.
I really do hope you enjoy the posters, and I'm really grateful for all the hard work of the SANS Pen Test Instructor team who provided such great input on this one.
Have fun pen testing all the things!!!