SANS GXPN Review

  • This topic has 30 replies, 12 voices, and was last updated 7 years ago by UNIX.
    • #7973
      cd1zz
      Participant
    • #50595
      azmatt
      Participant

      Congrats!!!!

      I took my first GCIH practice test yesterday and take the real one in two weeks so I’m in a SANS mood 🙂

    • #50596
      MaXe
      Participant

      Grats ;D I look forward to reading the review 🙂

    • #50597
      UNIX
      Participant

      Nice review – congrats, cd1zz!

      What’s next?

    • #50598
      dynamik
      Participant

      @UNIX wrote:

      Nice review – congrats, cd1zz!

      Yes, congrats and thanks. As someone who was on the fence as to whether I should pay for this myself, your feedback was definitely appreciated.

      @UNIX wrote:

      What’s next?

      Corelan 8)

    • #50599
      SephStorm
      Participant

      What I really appreciated was this article: http://www.pwnag3.com/2011/12/my-road-to-pen-testing.html

      Thank you.

    • #50600
      cd1zz
      Participant

      @UNIX ajohnson is right. We’re in the process of getting Peter from Corelan to come to the office for a brain melting two day training session. I’ve got my eyes set on the OSWE and OSEE, if they don’t kill me first.

    • #50601
      UNIX
      Participant

      Oh, that’s great. Please be sure to write a review about his course too, as I’d be interested to read about how it is compared to CTP, AWE, and other similar courses. I’d also be interested to read about how much additional material is covered, which is not already present in his tutorials (like the module on Windows 8). He covers quite a few topics in a rather short amount of time, but so far all reviews I’ve read about his course were very positive.

    • #50602
      cd1zz
      Participant

      Yeah it’s literally going to be crammed into two days, over a weekend. That’s in December, I’ll let you know…

    • #50603
      Darktaurus
      Participant

      Congrats! Nice review! Always hard at work. When you get the OSEE/OSWE, I would love to know your thoughts on the courses.

    • #50604
      Dark_Knight
      Participant

      Congratz…check pm

      Couple questions:

      Building a Metasploit Module:
      The candidate will demonstrate a high-level understanding of how to create a Metasploit module

      Q: How does this differ from the msf module in the OSCP?

      Python and Scapy For Pen Testers
      The candidate will demonstrate an understanding of the ability to read and modify Python scripts and packet crafting using Scapy to enhance functionality as required during a penetration test

      Q: How deep do you go into using Scapy?

      Advanced Stack Smashing
      The candidate will demonstrate an understanding of how to write advanced stack overflow exploits against canary-protected programs and ASLR

      Q: Is this partial overwrite technique?

      In terms of value for money which would you say would better suit a pentester the OSCE or GXPN?

    • #50605
      cd1zz
      Participant

      Q: How does this differ from the msf module in the OSCP?

      I took OSCP v3.0 and I don’t recall any msf sections outside of basic usage. The SANS module is only 15 pages but it’s more about porting an existing PoC to an msf module.

      Q: How deep do you go into using Scapy?

      Pretty basic, but it will get you comfortable which is enough to probably do anything you want.

      Q: Is this partial overwrite technique?

      This is specific to *nix exploitation and walks through defeating Linux SSP. It’s pretty cool stuff.

      In terms of value for money which would you say would better suit a pentester the OSCE or GXPN?

      Good question. I think if your goal is to become a better pen tester, definitely go with GXPN. There are a lot of practical techniques you can immediately walk away with and use. If your goal is to become a better exploit developer, go with both courses…

    • #50606
      dynamik
      Participant

      Also, if you’re looking for more advanced MitM attacks (and haven’t seen it already), check out Ryan Linn’s DerbyCon talk where they embedded Lua in Ettercap. I haven’t had a chance to play around with it personally, but it looks pretty cool.

    • #50607
      Triban
      Participant

      Nice review man! SANS courses are pretty decent (they better be for the cost). That is really the only negative I have on them and the GIAC certs.

    • #50608
      alucian
      Participant

      woot!

      Congrats! This one is no 2 or 3 on my SANS list.

      Nice review!

    • #50609
      cd1zz
      Participant

      As promised, my review of the Corelan course:
      http://www.pwnag3.com/2012/12/corelan-exploit-development-live.html

    • #50610
      Dark_Knight
      Participant

      OSCE vs GXPN vs Corelan…go

      🙂 🙂 🙂

    • #50611
      hayabusa
      Participant

      @Dark_Knight wrote:

      OSCE vs GXPN vs Corelan…go

      🙂 🙂 🙂

      ^^ ++1 😉

    • #50612
      tturner
      Participant
    • #50613
      dynamik
      Participant

      The Corelan course was the best training I’ve ever done, hands-down.

      I’ll try to throw up a review by the end of the year as well (slammed with work, prepping for fast-approaching OSCE), but rest assured, it’s awesome.

      Given how few opportunities there are to do it, jump at it if you ever get the chance. I’m obviously glad I did.

    • #50614
      cd1zz
      Participant

      Because they’re all different, I’ll organize this by two goals: 1) get better at exploit dev, 2) get better at pen testing

      Goal – Ninjasize your Exploit Dev Skills
      Order of complexity from lowest to highest: GXPN, OSCE, Corelan.

      Keep in mind, the GXPN covers more than exploit dev. OSCE is 90% exploit dev and Corelan is 100%

      Corelan covers more advanced exploit dev topics than OSCE and GXPN. For example, he literally went through how the Vupen guys won Pwn2Own, step by step. Blew my mind.

      OSCE and Corelan are 100% windows, GXPN does both nix and windows.

      Goal – Ninjasize your Pen Test Skills
      Corelan isn’t going to help. OSCE might help a little, but GXPN is going to win in this category. A better track for this goal is probably GPEN -> GXPN -> OSCP, or some variation of the G courses, but keeping OSCP in there 🙂

      They all have some overlap and if you can take them all, they really complement each other. Hope that helps.

    • #50615
      cd1zz
      Participant

      @tturner I’ve heard the Immunity Master Course kicks ass. That’s hopefully next year.
      http://www.infiltratecon.com/training.html#MasterClass

    • #50616
      Dark_Knight
      Participant

      So my next question is, when, if EVER, do you use your exploit-dev skills on a pentest? Most environments can be pwned without needing the heavy artillery, not so?

      Your response may be that I said most, but how often do you get to go up against an environment that requires OSCE etc skillz?

    • #50617
      cd1zz
      Participant

      Valid question. Yes, in my experience on internal network pen tests it’s not that difficult to get domain admin. I haven’t had to use these skills on regular pen tests that often. I might have to modify a PoC or a busted metasploit module, but other than that, nothing too complex.

      However, in my role at work, I’m doing more than network pen tests slammed into short time windows. We’re looking at hardware, custom apps, etc. that the client wants in-depth testing on, over long periods of time. Writing an exploit for custom software is exactly what they’re paying for. I wish these were every week, but they’re not that often.

    • #50618
      dynamik
      Participant

      @cd1zz wrote:

      @tturner I’ve heard the Immunity Master Course kicks ass. That’s hopefully next year.
      http://www.infiltratecon.com/training.html#MasterClass

      Yea, that looks amazing. I’ll need to wait until I find an employer that’ll foot that bill though.

      I assume they offer the NOP exam there. That’d be a fun one to try.

    • #50619
      UNIX
      Participant

      Nice review, cd1zz. So were there many topics covered which are not already covered in his public tutorials?

    • #50620
      cd1zz
      Participant

      Not a lot, in fact he refers to them for more information. However, the value in having him there is picking up on how he thinks about things or all his little tricks.

    • #50621
      azmatt
      Participant

      That was a really good review man.

    • #50622
      UNIX
      Participant

      I was told that GPEN is required in order to sit for the GXPN exam, however, I couldn’t find such statement on the official website. Can anyone confirm whether GPEN is required for GXPN or not? I might give it a try this year, so I’m wondering.

    • #50623
      cd1zz
      Participant

      Nope, not a requirement. Might be a suggestion, but not a req.

    • #50624
      UNIX
      Participant

      Thanks for the fast clarification, cd1zz!


Copyright ©2020 Caendra, Inc.
