Resources: Whitepapers

Resources:

White Papers are an excellent source for information gathering, problem-solving and learning. Below is a list of White Papers written by penetration testing practitioners seeking certification. SANS attempts to ensure the accuracy of information, but papers are published "as is".

Errors or inconsistencies may exist or may be introduced over time. If you suspect a serious error, please contact webmaster@sans.org.

Featured Papers

This featured paper includes some really useful techniques that penetration testers should master. Read it, learn it, and live it, as you extend your skills.

Penetration Testing Whitepapers
Paper Author Certification
0day targeted malware attack Villatte, Nicolas GCIH
0x333hate.c: Samba Remote Root Exploit Embrich, Mark GCIH
WU-FTPD Heap Corruption Vulnerability - HONORS Allen, Jennifer GCIH
A Buffer Overflow Exploit Against the DameWare Remote Control Software Strubinger, Ray GCIH
A Guide to Encrypted Storage Incident Handling Shanks, Wylie GCIH
A Heap o' Trouble: Heap-based flag insertion buffer overflow in CVS Conrad, Eric GCIH
A J0k3r Takes Over Larrieu, Heather GCIH
A Management Guide to Penetration Testing Shinberg, David GCIH
A Picture is Worth 500 Malicious Dwords Hall, Timothy GCIH
A Practical Example of Incident Response to a Network Based Attack Fraser, Gordon GCIH
A Qradar Log Source Extension Walkthrough Stanton, Michael GCIH
A Study of the o_wks.c Exploit for MS03-049 Arnoth, Eric GCIH
A Swipe and a Tap: Does Marketing Easier 2FA Increase Adoption? Ackerman, Preston GCIH
A Two Stage Attack Using One-Way Shellcode Mathezer, Stephen GCIH
A Weak Password And A Windows Rootkit: A Recipe For Trouble Ives, John GCIH
Accessing the inaccessible: Incident investigation in a world of embedded devices Jodoin, Eric GCIH
Agile Security Patching Hoehl, Michael GCIH
AIX for penetration testers Panczel, Zoltan GPEN
All-Seeing Eye or Blind Man? Understanding the Linux Kernel Auditing System Kennel, David GCIH
An Analysis of Meterpreter during Post-Exploitation Wadner, Kiel GCIH
An Analysis of the Remote Code Execution Vulnerability as Described in Microsoft's MS05-002 Security Bulletin Rose, Jerome GCIH
An approach to the ultimate in-depth security event management framework Pachis, Nicolas GCIH
An Attacker On RPC Compromised Remote VPN Host Runs Arbitrary Code on Microsoft Exchange Server 2000 Ho, Wai-Kit GCIH
An Incident Handling Process for Small and Medium Businesses Pokladnik, Mason GCIH
An Overview Of The Casper RFI Bot O'Connor, Dan GCIH
Analysis and Reporting improvements with Notebooks Knowles, Ben GCIH
Animal Farm: Protection From Client-side Attacks by Rendering Content With Python and Squid. OConnor, Terrence GCIH
Anna Kournikova Worm Ashworth, Robert GCIH
Anomaly Detection, Alerting, and Incident Response for Containers Borhani, Roozbeh GCIH
Apache Web Server Chunk Handling Apache-nosejob.c Sarrazyn, Dieter GCIH
Applying Data Analytics on Vulnerability Data Dhinwa, Yogesh GCIH
Are there novel ways to mitigate credential theft attacks in Windows? Foster, James GCIH
Are You Hitting the Mark with DMARC? Mavretich, Robert J. GCIH
Attack and Defend: Linux Privilege Escalation Techniques of 2016 Long II, Michael GCIH
Attack of Slammer worm - A practical case study Huang, Dongmei GCIH
Attributes of Malicious Files Yonts, Joel GCIH
Auto-Nuke It from Orbit: A Framework for Critical Security Control Automation Hainly, Jeremiah GCIH
Automated Defense - Using Threat Intelligence to Augment Poputa-Clean, Paul GCIH
Automated Execution of Arbitrary Code Using Forged MIME Headers in Microsoft Internet Explorer Winters, Scott GCIH
Automated Security Testing of Oracle Forms Applications Varga-Perke, Balint GWAPT
Back-Door'ed by the Slammer Hally, John GCIH
Bad ESMTP Verb Usage Equals Bad Times for Exchange Smith, Aaron GCIH
Baselines and Incident Handling Christianson, Chris GCIH
BGP Hijinks and Hijacks - Incident Response When Your Backbone Is Your Enemy Collyer, Tim GCIH
BIND 8.2 NXT Remote Buffer Overflow Exploit Mcmahon, Robert GCIH
BITS Forensics Nardella, Roberto GCIH
Breaking Windows 2000 Passwords via LDAP Password Crackers Hamby, Charles GCIH
BruteSSH2 - 21st Century War Dialer Thompson, Bill GCIH
Buffer overflow in BIND 8.2 via NXT records Talianek, Chris GCIH
Burp Suite(up) with fancy scanning mechanisms Panczel, Zoltan GWAPT
BYOD Security Implementation for Small Organizations Simmons, Raphael GCIH
Bypassing Malware Defenses Christiansen, Morton GPEN
Catch the culprit! Perez, David GCIH
Cisco IOS Type 7 Password Vulnerability Massey, Lee GCIH
Cisco Security Agent and Incident Handling Farnham, Greg GCIH
Cisco.s LEAP vulnerability and the .asleap.exploit Goudie, Mark GCIH
Combating the Nachia Worm in Enterprise Environments Johnson, Brad GCIH
Computer Security Education The Tool for Today Burke, Ian GCIH
Container-Based Networks: Lowering the TCO of the Modern Cyber Range Scarbrough, Bryan GCIH
Content Security Policy in Practice Palathuruthil, Varghese GCIH
Correctly Implementing Forward Secrecy Schum, Chris GCIH
Covering the Tracks on Mac OS X Leopard Scott, Charles GCIH
Covert Channels Over Social Networks Selvi, Jose GCIH
Cracking Active Directory Passwords or "How to Cook AD Crack" Boller, Martin GPEN
Creating a Logging Infrastructure Todd, Brian GCIH
Creating Your Own SIEM and Incident Response Toolkit Using Open Source Tools Sweeny, Jonny GCIH
Cyber Breach Coaching Hoehl, Michael GCIH
Cyber Range – The future of Cyber Security training Perez Gonzalez, Carlos GPEN
Cyber Threat Intelligence Support to Incident Handling Kime, Brian GCIH
Cyber Threats to the Bioengineering Supply Chain Nawrocki, Scott GCIH
Defending with Graphs: Create a Graph Data Map to Visualize Pivot Paths Fahey, Brianne GCIH
Demystifying Malware Traffic Saxena, Sourabh GCIH
Detecting Crypto Currency Mining in Corporate Environments D'Herdt, Jan GCIH
Detecting Incidents Using McAfee Products Andrei, Lucian GCIH
Detecting Security Incidents Using Windows Workstation Event Logs Anthony, Russell GCIH
DICE and MUD Protocols for Securing IoT Devices Ayar, Muhammed GAWN
Differences between HTML5 or AJAX web applications Thomassin, Sven GWAPT
Digital Certificate Revocation Vandeven, Sally GCIH
Discovering a Local SUID Exploit Pike, Jeff GCIH
Discovering Rogue Wireless Access Points Using Kismet and Disposable Hardware Pesce, Larry GAWN
DNS Sinkhole Bruneau, Guy GCIH
Document Metadata, the Silent Killer... Pesce, Larry GCIH
Don't Knock Bro Nafziger, Brian GCIH
Donald Dick 1.55 with Last Updated GUI Component from Version 1.53 Maglich, Ryan GCIH
DreamFTP - The Nightmare Begins! Sorensen, Robert Peter GCIH
Dsniff and Switched Network Switching Bowers, Brad GCIH
Ebb and Flow: Network Flow Logging as a Staple of Public Cloud Visibility or a Waning Imperative? Taggart, Dennis GPEN
Effectiveness of Antivirus in Detecting Metasploit Payloads Baggett, Mark GCIH
Enterprise Survival Guide for Ransomware Attacks Mehmood, Shafqat GCIH
Eradicating the Masses & Round 1 with Phatbot? Fulton, Lora GCIH
Espionage - Utilizing Web 2.0, SSH Tunneling and a Trusted Insider Abdel-Aziz, Ahmed GCIH
Event Monitoring and Incident Response Boyle, Ryan GCIH
Expanding Response: Deeper Analysis for Incident Handlers McRee, Russ GCIH
Exploit Analysis Jenkinson, John GCIH
Exploiting BlackICE When a Security Product has a Security Flaw Gara-Tarnoczi, Peter GCIH
Exploiting Internet Explorer via IFRAME Becher, Jim GCIH
Exploiting the LSASS Buffer Overflow Wohlberg, Jon GCIH
Exploiting the Microsoft Internet Explorer Malformed IFRAME Vulnerability Tu, Alan GCIH
Exploiting Vulnerabilities in Squirrelmail Bong, Kevin GCIH
Extracting Timely Sign-in Data from Office 365 Logs Lucas, Mark GCIH
False Alarm...Or Was It? Lessons Learned from a Badly Handled Incident Graesser Williams, Dana GCIH
Finding Secrets in Source Code the DevOps Way Marlow, Phillip GCIH
First Response: An incident handling team learns a few lessons the hard way Cragg, David GCIH
Forensic Analysis On Android: A Practical Case Alonso-Parrizas, Angel GMOB
FreeBSD 4.x local root vulnerability -- exec() of shared signal handler Durkee, Ralph GCIH
Freezing Icecast in its Tracks McLaren, Jared GCIH
From Security Perspective, the Quickest Way to Assess Your Web Application Alduhaymi, Mohammed GWAPT
FTP Port 21 "Friend or Foe" Support for the Cyber Defense Initiative Karrick, Stephen GCIH
FTP Security and the WU-FTP File Globbing Heap Corruption Vulnerability Webb, Warwick GCIH
Fun with Batch Files: The Muma Worm Mackey, David GCIH
Getting Started with the Internet Storm Center Webhoneypot Pokladnik, Mason GWAPT
Getting Started with the Internet Storm Center Webhoneypot Pokladnik, Mason GWAPT
GIAC GCIH Assignment - Pass Harrison, Daniel GCIH
H.O.T. | Security Rocha, Luis GCIH
Hacker Techniques, Exploits, and Incident Handling Brooker, Denis GCIH
Hacking Humans: The Evolving Paradigm with Virtual Reality Andrasik, Andrew GPEN
Hardening OpenShift Containers to complement Incident Handling Holland, Kurtis GCIH
High Assurance File Filtering, It's Not Magic Gould, Adam GCIH
Hijacked Server Serves Up Foreign Bootlegged Pornography Meyer, Russell GCIH
Home Field Advantage: Employing Active Detection Techniques Jackson, Benjamin GCIH
How to Gain Control of a Windows 2000 Server Using the In-Process Table Privilege Escalation Exploit Stidham, Jonathan GCIH
How to identify malicious HTTP Requests Sarokaari, Niklas GWAPT
Hunting through Log Data with Excel Lalla, Greg GCIH
IBM AIX invscout Local Command Execution Vulnerability - HONORS Horwath, Jim GCIH
ICQ URL Remote Exploitable Buffer Overflow de Beaupre, Adrien GCIH
Identifying and Handling a PHP Exploit Edelson, Eve GCIH
Identifying Vulnerable Network Protocols with PowerShell Fletcher, David GCIH
Identity Theft Made Easy Huber, Eric GCIH
IIS 5 In-Process Table Privilege Escalation Vulnerability Fatnani, Kishin GCIH
Illustration of VS.SST@mm Virus Incident Smith, Kevin GCIH
Incident Analysis in a Mid-Sized Company Garvin, Pete GCIH
Incident Handler Case File: A New Twist to Social Engineering Hawkins, Ray GCIH
Incident Handling Annual Testing and Training Holland, Kurtis GCIH
Incident Handling in the Healthcare Cloud: Liquid Data and the Need for Adaptive Patient Consent Management Filkins, Barbara GCIH
Incident Handling Preparation: Learning Normal with the Kansa PowerShell Incident Response Framework Simsay, Jason GCIH
Incident Handling Without Guidelines McKellar, Neil GCIH
Incident Illustration - Corporate Compromise Hall, Russell GCIH
Incident Illustration - Firewall Attack Reed, Bill GCIH
Incident Illustration - HTTP Services Vulnerabilities Modelo Howard, Gaspar GCIH
Incident Illustration - Missing Files White, Scott GCIH
Incident Illustration - Mstream Gallo, Kenneth GCIH
Incident Illustration: Unauthorized LAN Access Szczepankiewicz, Peter GCIH
Incident Report for a Rootkit attack on a Fedora workstation Norman, Bonita GCIH
InfiniBand Fabric and Userland Attacks Warren, Aron GCIH
Inside-Out Vulnerabilities, Reverse Shells Hammer, Richard GCIH
Introduction to the OWASP Mutillidae II Web Pen-Test Training Environment Druin, Jeremy GWAPT
Investigative Tree Models Caudle, Rodney GCIH
IOScat - a Port of Netcat's TCP functions to Cisco IOS Vandenbrink, Robert GCIH
IOSTrojan: Who really owns your router? Santander Pelaez, Manuel Humberto GCIH
IP Masquerading Vulnerability for Linux 2.2.x - CVE-2000-0289 Baccam, Tanya GCIH
iPhone Backup Files. A Penetration Tester's Treasure Manners, Darren GPEN
iPwn Apps: Pentesting iOS Applications Kliarsky, Adam GPEN
Jolt2 or "IP Fragment Re-assembly Beciragic, Jasmir GCIH
KaZaA Media Desktop Virus: W32/kwbot Will, Rita GCIH
Knitting SOCs Imbert, Courtney GCIH
Learning CBC Bit-flipping Through Gamification Druin, Jeremy GXPN
Learning Cryptography by Doing It Wrong: Cryptanalysis of the Vigenere Cipher Druin, Jeremy GCIH
Let's face it, you are probably compromised. What next? Thyer, Jonathan GPEN
Linux NTPD Buffer Overflow Stadler, Philipp GCIH
Local Exploit: dtprintinfo for Solaris 2.6 and 7 Sipes, Steven GCIH
Local Privilege Escalation in Solaris 8 and Solaris 9 via Buffer Overflow in passwd(1) McAdams, Shaun GCIH
Lotus Notes Penetration Rademacher, Karl GCIH
M@STER@GENTS: Masters of "SPAM" Ashland, Joanne GCIH
Malicious Android Applications: Risks and Exploitation Boutet, Joany GPEN
Microsoft RPC-DCOM Buffer Overflow Attack using Dcom.c Farrington, Dean GCIH
Mobile A/V: Is it worth it? Dorris, Nicholas GCIH
MS IIS CGI Filename Decode Error Vulnerability Shenk, Jerry GCIH
Multi-Tool DVD Sets: An important addition to the Incident Handler/ Pen Tester's toolkit Bandukwala, Jamal GCIH
Mutated Code Kopczynski, Tyson GCIH
My First Incident Handling Experience Kohli, Karmendra GCIH
Neptune.c the Birth of SYN Flood Attacks Cardinal, Steven GCIH
Netscape Enterprise Server Denial of Service Exploit Smith, Tony GCIH
Network Covert Channels: Subversive Secrecy Sbrusch, Raymond GCIH
Network Printers: Whose friend are they? Hutcheson, Lorna GCIH
Nimda - Surviving the Hydra Schmelzel, Paul GCIH
NOC/SOC Integration: Opportunities for Increased Efficiency in Incident Response within Cyber-Security Hernandez, Nelson GCIH
Node Router Sensors: What just happened? Cary, Kim GCIH
Offensive Intrusion Analysis: Uncovering Insiders with Threat Hunting and Active Defense Hosburgh, Matthew GCIH
Once Bitten Twice Sly - Common Exploits Fueled by Common Mishap Melvin, John GCIH
One Admin's Documentation is their Hacker's Pentest Vandenbrink, Robert GPEN
Open Shares Vulnerability Hill, Siegfried GCIH
Pass - Questions Schultz, Tim GCIH
Pass-the-hash attacks: Tools and Mitigation Ewaida, Bashar GCIH
Pass-the-Hash in Windows 10 Cyra, Lukasz GCIH
PCI DSS and Incident Handling: What is required before, during and after an incident Moldes, Christian GCIH
PDF Metadata Extraction with Python Plaisance, Christopher GPYC
PDF Obfuscation - A Primer Robertson, Chad GPEN
Penetration Testing in the Financial Services Industry Olson, Christopher GPEN
Penetration Testing of a Secure Network Pakala, Sangita GCIH
Penetration Testing: Alternative to Password Cracking Catanoi, Maxim GPEN
Phising Attack in Organizations: Incident Handlers Perspective Ong, Leonard GCIH
Phone Phreaking and Social Engineering Tuey, Richard GCIH
PHP-Nuke: From SQL Injection to System Compromise Paynter, Eric GCIH
phpMyAdmin 2.5.7 - Input Validation Vulnerability Thurston, Tracy GCIH
Polymorphic, multi-lingual websites: A theoretical approach for improved website security Risto, Jonathan GWAPT
Port 1433 Vulnerability: Unchecked Buffer in Password Encryption Procedure Bryner, Jeff GCIH
Port 443 and Openssl-too-open Lee, Chia-Ling GCIH
Post Exploitation using Metasploit pivot & port forward Dodd, David GPEN
Practical El Jefe Vedaa, Charles GCIH
Preventing Incidents with a Hardened Web Browser Crowley, Chris GCIH
Preventing Living off the Land Attacks Brown, David GPEN
Pros and Cons of using Linux and Windows Live CDs in Incident Handling and Forensics Smith, Ricky GCIH
Psychology and the hacker - Psychological Incident Handling Atkinson, Sean GCIH
Ramen Worm Ives, Millie GCIH
Real Network's Remote Server Remote Root Exploit Lastor, Michael GCIH
Real World ARP Spoofing Siles, Raul GCIH
Relative Shell Path Vulnerability Evans, Earl GCIH
Remote Access Point/IDS Kee, Jared GCIH
Remote Exploitation of Icecast 2.0.1 Server Pittner, Jakub GCIH
Responding to Zero Day Threats Kliarsky, Adam GCIH
Reverse Engineering Srvcp.exe Zeltser, Lenny GCIH
Revisiting the Code Red Worm White, Ravila GCIH
rLogin Buffer Overflow Vulnerability - Solaris Corredor, Juan GCIH
Runtime Application Self-Protection (RASP), Investigation of the Effectiveness of a RASP Solution in Protecting Known Vulnerable Target Applications Fry, Alexander GWAPT
Secure Design with Exploit Infusion Yew, Wen Chinn GCIH
Securely deploying Android devices Alonso-Parrizas, Angel GCIH
Securing Aviation Avionics Panet-Raymond, Marc GCIH
Securing the Supply Chain - A Hybrid Approach to Effective SCRM Policies and Procedures Carbonaro, Daniel GCIH
Security Incident Handling in High Availability Environments Kibirkstis, Algis GCIH
Security Monitoring of Windows Containers Di Giorgio, Peter GCIH
Session stealing with WebMin Murdoch, Don GCIH
Shedding Light on Security Incidents Using Network Flows Gennuso, Kevin GCIH
Simple Network Management Protocol: Now More than a "Default" Vulnerability Fluharty, Daniel GCIH
Small devices needs a large Firewall Mastad, Paul GCIH
SMBdie'em All - Kill That Server Kirby, Craig GCIH
SMS, iMessage and FaceTime security Khalil, George GCIH
SMTP - Always a victim of a good time Lock, James GCIH
SMTP Loop Moderate Denial of Service: InterScan VirusWall NT & Lotus Domino Environment Roberts, Brian GCIH
Solaris in.lpd Remote Command Execution Vulnerability Seah, Meng Kuang GCIH
Solution Architecture for Cyber Deterrence Mowbray, Thomas GPEN
SQL Snake and Other Port 1433 Threats In Support of the Cyber Defense Initiative Short, Christopher GCIH
SQL Server Resolution Service Exploit in Action Hoover, James GCIH
SQL Slammer and Other UDP Port 1434 Threats In support of the Cyber Defense Initiative Ray, Edward GCIH
SQL Slammer Worm Hayden, Chris GCIH
Stack Based Overflows: Detect & Exploit Christiansen, Morton GCIH
Stay Alert While Browsing the Internet LaValley, Jim GCIH
Sub Seven: A Risk to Your Internet Security Ostrowski, Paul GCIH
Success Rates for Client Side Vulnerabilities Risto, Jonathan GCIH
Sun snmpXdmi Overflow Miller, Kevin GCIH
Support for the Cyber Defense Initiative Fresen, Lars GCIH
System infiltration through Mercur Mail Server 4.2 Ben Alluch Ben Amar, Jamil GCIH
Tackling DoD Cyber Red Team Deficiencies Through Systems Engineering Schab, John GPEN
Talking Out Both Sides of Your Mouth: Streamlining Communication via Metaphor More, Josh GCIH
Template Injection Attacks - Bypassing Security Controls by Living off the Land Wiltse, Brian GCIH
Testing stateful web application workflows Veres-Szentkiralyi, Andras GWAPT
Testing Web Applications for Malicious Input Attack Vulnerabilities Grill, Robert GCIH
The Cisco IPv4 Blocked Interface Exploit Johnson, Cortez GCIH
The Conductor Role in Security Automation and Orchestration Cakir, Murat GCIH
The December Storm of WMF: Preparation, Identification, and Containment of Exploits Voorhees, James GCIH
The enemy within: Handling the Insider Threat posed by Shatter Attacks Layton, Meg GCIH
The fascinating tale of a lame hacker, a Linux Box, and how I received permission to deploy my IDS Markham, George GCIH
The Information We Seek Ramos, Jose GCIH
The Integration of Information Security to FDA and GAMP 5 Validation Processes Young, Jason GCIH
The Microsoft IIS 5.0 Internet Printing ISAPI Extension Buffer Overflow Clemenson, Christopher GCIH
The Not-So Vicious Attacker Mossholder, Matt GCIH
The Search for "Kozirog" Weaver, Greg GCIH
The SirEG Toolkit Begin, Francois GCIH
The t0rn Rootkit Craveiro, Paulo GCIH
The Tactical Use of Rainbow Crack to Exploit Windows Authentication in a Hybrid Physical-Electronic Attack Mahurin, Mike GCIH
The Value of Contemporaneous Notes and Why They Are a Requirement for Security Professionals Enoka, Seth GCIH
Times Change and Your Training Data Should Too: The Effect of Training Data Recency on Twitter Classifiers O'Grady, Ryan GCIH
Tips and Scripts for Reconnaissance and Scanning Panczel, Zoltan GWAPT
Tracking the Back Orifice Trojan on a University Network Knudsen, Kent GCIH
Traveling Through the OpenSSL Door Murphy, Keven GCIH
Tunneling, Pivoting, and Web Application Penetration Testing Fraser, Gordon GWAPT
Uninitialized Memory Disclosures in Web Applications Varga-Perke, Balint GWAPT
Unix-style approach to web application testing Veres-Szentkiralyi, Andras GWAPT
Using DomainKeys Identified Mail (DKIM) to Protect your Email Reputation Murphy, Christopher GCIH
Using GUPI to Create A Null Box Comella, Robert GCIH
Using Open Source Reconnaissance Tools for Business Partner Vulnerability Assessment Young, Sue GCIH
Using OSSEC with NETinVM Allen, Jon Mark GCIH
Using Software Defined Radio to attack "Smart Home" systems Eichelberger, Florian GCIH
Using Sulley to Protocol Fuzz for Linux Software Vulnerabilities Warren, Aron GXPN
Using windows crash dumps for remote incident identification Chua, Zong Fu GCIH
Utilizing "AutoRuns" To Catch Malware McMillan, Jim GCIH
Valentine's Surprise Firedragging in Action de Nie, Paula GCIH
Virtual Rapid Response Systems Mohan, Chris GCIH
Visualizing the Hosting Patterns of Modern Cybercriminals Hunt, Drew GCIH
War Pi Christie, Scott GCIH
Web Application File Upload Vulnerabilities Koch, Matthew GWAPT
Web Application Injection Vulnerabilities: A Web App's Security Nemesis? Couture, Erik GWAPT
Web Application Penetration Testing for PCI Hoehl, Michael GWAPT
Web Log Analysis and Defense with Mod_Rewrite Wanner, Rick GCIH
Website Security for Mobile Ho, Alan GWAPT
What to do when you break WEP Wireless Security and the LAN Poer, Geoffrey GCIH
Widespread SNMP Vulnerabilities Brooks, Greg GCIH
Windows Shell Document Viewer shdocvw.dll Feature or Trojan Horse? Fenwick, Wynn GCIH
Windows Internet Naming Service - An Exploit Waiting to Happen Berger, Jeremy GCIH
Windows Media Services NSIISLOG.DLL Remote Buffer Overflow Smith, Steve GCIH
Winquisitor: Windows Information Gathering Tool Cardosa, Michael GCIH
Wireless LAN Honeypots to Catch IEEE 802.11 Intrusions Mitchell, Gordon GCIH
Wireless Networks and the Windows Registry - Just where has your computer been? Risto, Jonathan GAWN
Top
Latest Blog Posts

The SANS Blog is an active, ever-updating wealth of information including Penetration Testing and Ethical Hacking.

Learn More

Latest Tweets @SANSPenTest

The day has arrived! The Best Special Offers of the Year for [...]
July 9, 2020 - 9:20 PM

Back by popular demand! @MarkBaggett 's #SANSLiveOnline Tech [...]
July 9, 2020 - 7:20 PM

New to CTFs? Make sure to check out @jameslyne's brief intro [...]
July 9, 2020 - 4:45 PM

Latest Papers

Ebb and Flow: Network Flow Logging as a Staple of Public Cloud Visibility or a Waning Imperative?
By Dennis Taggart

Cyber Range – The future of Cyber Security training
By Carlos Perez Gonzalez

Preventing Living off the Land Attacks
By David Brown

"This is the best hands-on course available anywhere."
- Whitney Janes, FedEx

"Ed Skoudis is the best teacher I've ever had. He is 100% competent and professional."
- Petra Klein, FRA

"This was by far the best course I have ever taken."
- Peter Lombars, Intrucom Inc.