November 5, 2014 at 3:03 pm #8751
I’m going for 560 with the GPEN exam. Going to take it via Simulcast. Now I know the books will be sufficient but i’m starting to read Penetration Testing: A Hands-on Introduction to Hacking by Georgina Weidman, going to try to burn through as much as I can in the next week in a half through prior to the course.
Hoping for some advice before I start, any tools I need to get some practice with before I start? Any videos that would be of use to view? Anything absent more books to buy. Preferably free stuff :p, I am paying out of pocket once again. Oh, and Don, yes I will accept a vlive course if I win. 8)
I’m also going to read through this old post: viewtopic.php?f=64&t=8800
November 5, 2014 at 7:23 pm #53966hayabusaParticipant
GPEN… TBH, I self-studied that exam (got a free attempt, for completing my CEH and my OSCP)
While I can’t give you specific study info / tips for the class, itself, I can tell you that if you index your materials properly (especially the course books), I’ve heard of nobody who didn’t pass the certification exam.
The exam, itself, when I took it, was mostly book knowledge, not really anything ‘hands on’, so again, my advice would just be gather your reading materials and index well, as you can take an amount of the data into the exam with you, and the index will help you manage time with finding anything specific you can’t remember. (I think I only referenced my index twice, mostly on things like foreign country laws.)
Best of luck, and let us know how you like the course (for those of us who never actually took it).
November 5, 2014 at 10:24 pm #53967
Yeah I expect I’ll pass the exam, more interested in absorbing everything well and getting hands-on. My company is expanding our duties and i’ve asked to hook on to the pentesting team. More than the 4 letters I want to be able to keep up.
I’ll certainly review the course.
November 8, 2014 at 5:05 am #53968KrisTeasonParticipant
I’m going to +1 Hayabusa here regarding indexing your materials. Everything on the GPEN Examination is straight out of the text books. While it’s not incredibly hands-on, be sure to be able to recognize the output of various tools (like how do scans appear while sniffing with TCP Dump, etc). Be comfortable with commands to switches, and be sure to go through the book exercises.
If you have a couple practice exams, be sure to take them and log which ones you miss. When I took the exam, I had a handful of notes with references to which books and page numbers had certain topics.
Regarding tools to study up on, I advise looking into:
tcpdump, wmic, sc, sid2user, user2sid, nmap, netcat, metasploit, amap, owasp zap, aircrack suite, cain and abel, psexec, john the ripper, THC Hydra, nikto, dig, nslookup, nessus
Good news is they’re not looking for you to know the Laws anymore. The exam objectives change every so often and if you take it soon you won’t be tested on the law. With this said, it’s not a topic you want to skip. Good luck with the exam. You will have a blast in the course!
November 8, 2014 at 9:53 pm #53969
Thanks Kris, that is really helpful.
- You must be logged in to reply to this topic.