Congrats MaXe!
You'll be impressed with the certificate when it arrives

Gratz MaXe, that's awesome!

Thanks lorddicranius!


It forced me into some nice theory, about topics I hadn't read much about, until I had to prepare for the exam  

Maxe,

Congrats. I am giving some serious thought to taking it. I presume you self-studied? Can you provide info on referenced material/books?

n1p

Thanks j0rDy! If I had trusted my own opinions more, (I was thinking in "GIAC terms" on occasion), I probably would've scored a little bit higher. But it was a nice score that I found acceptable  Nothing new currently, well, besides a few projects, etc. but that is not related to this certification 


Thanks n1p! If you want the easiest way I'd go with a self-study course of SANS SEC560, but the OSCP course with perhaps OSWP, general knowledge, laws in e.g., UK, USA, Japan, Singapore, Germany and perhaps a few other countries will do much good. (Don't forget ethics, terminology, how a report is written, and other topics like these.)

It is possible to pass without any knowledge of laws, but it will probably be right on the edge. If you read The Penetration Testers Open Source Toolkit vol. 2, NIST SP800-42, skim through ISSAF, know about OSSTMM, have a good idea of the ethics and terminology of a penetration test, and have a good base knowledge within Web Application Security, Post-Exploitation, Buffer Overflows, commands in linux and windows (post-exploitation), reconnaissance, information gathering, exploits in general, password attacks, and wireless attacks, then you're good to go.

I wrote a few more things here as well:
http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,7071.msg38351/#msg38351

In short: "Jack of all Trades" (no speciality), or "Know most of the common attacks, defenses and information / technology related to these, this is your baseline for passing GPEN.

Without having studied (at all), I got a score of 77% during a practice test. (enough to pass.)
I failed primarily on laws, because they were not related to neither Denmark nor Sweden at all. Some of the terminology was a bit rusty on my part as well, but all it took was some dedication 



Thanks Agoonie! Oh it can't be compared to OSCE at all! GPEN is a good baseline certificate, but it does not give you the hardcore hands-on experience that OSCE or for that sake even OSCP does.

I haven't taken CEH yet, but I think it may be somewhat related to GPEN. Another certificate I've seen from GIAC was GSEC, it looks similar to CISSP. (I haven't done these either.)

It was nice in many ways, to obtain my second certification though 

Congrats to you also, hayabusa!  Pretty awesome knowing the knowledge level of the user-base here (and willingness to share experience and help out).  I finally have a place to go to search/ask my questions!

Congratz Hayabusa and MaXe!!!

When I passed it last November, they were very quick at sending my emails to become a SANS mentor. But they said you need to own two SANS certification before you can become a mentor. So let me know guys if you receive an email from them...