SANS GXPN Review

This topic contains 30 replies, has 12 voices, and was last updated by  UNIX 6 years, 10 months ago.

  • Author
    Posts
  • #7973
     cd1zz 
    Participant
  • #50595
     azmatt 
    Participant

    Congrats!!!!

    I took my first GCIH practice test yesterday and take the real one in two weeks so I’m in a SANS mood 🙂

  • #50596
     MaXe 
    Participant

    Grats ;D I look forward to reading the review 🙂

  • #50597
     UNIX 
    Participant

    Nice review – congrats, cd1zz!

    What’s next?

  • #50598
     dynamik 
    Participant

    @unix wrote:

    Nice review – congrats, cd1zz!

    Yes, congrats and thanks. As someone who was on the fence as to whether I should pay for this myself, your feedback was definitely appreciated.

    @unix wrote:

    What’s next?

    Corelan 8)

  • #50599
     SephStorm 
    Participant

    What I really appreciated was this article: http://www.pwnag3.com/2011/12/my-road-to-pen-testing.html

    Thank you.

  • #50600
     cd1zz 
    Participant

    @unix ajohnson is right. We’re in the process of getting Peter from Corelan to come to the office for a brain melting two day training session. I’ve got my eyes set on the OSWE and OSEE, if they don’t kill me first.

  • #50601
     UNIX 
    Participant

    Oh, that’s great. Please be sure to write a review about his course too, as I’d be interested to read about how it is compared to CTP, AWE, and other similar courses. I’d also be interested to read about how much additional material is covered, which is not already present in his tutorials (like the module on Windows 8 ). He covers quite a few topics in a rather short amount of time, but so far all reviews I’ve read about his course were very positive.

  • #50602
     cd1zz 
    Participant

    Yeah it’s literally going to be crammed into two days, over a weekend. That’s in December, I’ll let you know…

  • #50603
     Darktaurus 
    Participant

    Congrats! Nice review! Always hard at work. When you get the OSEE/OSWE, I would love to know your thoughts on the courses.

  • #50604
     Dark_Knight 
    Participant

    Congratz…check pm

    Couple questions:

    Building a Metasploit Module:
    The candidate will demonstrate a high-level understanding of how to create a Metasploit module

    Q: How does this differ from the msf module in the OSCP?

    Python and Scapy For Pen Testers
    The candidate will demonstrate an understanding of the ability to read and modify Python scripts and packet crafting using Scapy to enhance functionality as required during a penetration test

    Q: How deep do you go into using scapy?

    Advanced Stack Smashing
    The candidate will demonstrate an understanding of how to write advanced stack overflow exploits against canary-protected programs and ASLR

    Q: Is this partial overwrite technique?

    In terms of value for money, which would you say would better suit a pentester, the OSCE or GXPN?

  • #50605
     cd1zz 
    Participant

    Q: How does this differ from the msf module in the OSCP?

    I took OSCP v3.0 and I don’t recall any msf sections outside of basic usage. The SANS module is only 15 pages, but it’s more about porting an existing PoC to a msf module.

    Q: How deep do you go into using scapy?

    Pretty basic, but it will get you comfortable which is enough to probably do anything you want.

    Q: Is this partial overwrite technique?

    This is specific to *nix exploitation and walks through defeating Linux SSP. It’s pretty cool stuff.

    In terms of value for money, which would you say would better suit a pentester, the OSCE or GXPN?

    Good question. I think if your goal is to become a better pen tester, definitely go with GXPN. There are a lot of practical techniques you can immediately walk away with and use. If your goal is to become a better exploit developer, go with both courses…

  • #50606
     dynamik 
    Participant

    Also, if you’re looking for more advanced MitM attacks (and haven’t seen it already), check out Ryan Linn’s DerbyCon talk where they embedded Lua in Ettercap. I haven’t had a chance to play around with it personally, but it looks pretty cool.

  • #50607
     Triban 
    Participant

    Nice review man! SANS courses are pretty decent (they better be for the cost). That is really the only negative I have on them and the GIAC certs.

  • #50608
     alucian 
    Participant

    woot!

    Congrats! This one is no 2 or 3 on my SANS list.

    Nice review!

  • #50609
     cd1zz 
    Participant

    As promised, my review of the Corelan course:
    http://www.pwnag3.com/2012/12/corelan-exploit-development-live.html

  • #50610
     Dark_Knight 
    Participant

    OSCE vs GXPN vs Corelan…go

    🙂 🙂 🙂

  • #50611
     hayabusa 
    Participant

    @dark_knight wrote:

    OSCE vs GXPN vs Corelan…go

    🙂 🙂 🙂

    ^^ ++1 😉

  • #50612
     tturner 
    Participant
  • #50613
     dynamik 
    Participant

    The Corelan course was the best training I’ve ever done, hands-down.

    I’ll try to throw up a review by the end of the year as well (slammed with work, prepping for fast-approaching OSCE), but rest assured, it’s awesome.

    Given how few opportunities there are to do it, jump at it if you ever get the chance. I’m obviously glad I did.

  • #50614
     cd1zz 
    Participant

    Because they’re all different, I’ll organize this by two goals: 1) get better at exploit dev, 2) get better at pen testing

    Goal – Ninjasize your Exploit Dev Skills
    Order of complexity from lowest to highest: GXPN, OSCE, Corelan.

    Keep in mind, the GXPN covers more than exploit dev. OSCE is 90% exploit dev and Corelan is 100%.

    Corelan covers more advanced exploit dev topics than OSCE and GXPN. For example, he literally went through how the Vupen guys won Pwn2Own, step by step. Blew my mind.

    OSCE and Corelan are 100% Windows, GXPN does both nix and Windows.

    Goal – Ninjasize your Pen Test Skills
    Corelan isn’t going to help. OSCE might help a little, but GXPN is going to win in this category. A better track for this goal is probably GPEN -> GXPN -> OSCP, or some variation of the G courses, but keeping OSCP in there 🙂

    They all have some overlap and if you can take them all, they really complement each other. Hope that helps.

  • #50615
     cd1zz 
    Participant

    @tturner I’ve heard the Immunity Master Course kicks ass. That’s hopefully next year.
    http://www.infiltratecon.com/training.html#MasterClass

  • #50616
     Dark_Knight 
    Participant

    So my next question is, when, if EVER, do you use your exploit-dev skills on a pentest? Most environments can be pwned without needing the heavy artillery, not so?

    Your response may be that I said most, but how often do you get to go up against an environment that requires OSCE etc skillz?

  • #50617
     cd1zz 
    Participant

    Valid question. Yes, in my experience on internal network pen tests it’s not that difficult to get domain admin. I haven’t had to use these skills on regular pen tests that often. I might have to modify a PoC or a busted metasploit module, but other than that, nothing too complex.

    However, in my role at work, I’m doing more than network pen tests slammed into short time windows. We’re looking at hardware, custom apps, etc. that the client wants in-depth testing on, over long periods of time. Writing an exploit for custom software is exactly what they’re paying for. I wish these were every week, but they’re not that often.

  • #50618
     dynamik 
    Participant

    @cd1zz wrote:

    @tturner I’ve heard the Immunity Master Course kicks ass. That’s hopefully next year.
    http://www.infiltratecon.com/training.html#MasterClass

    Yea, that looks amazing. I’ll need to wait until I find an employer that’ll foot that bill though.

    I assume they offer the NOP exam there. That’d be a fun one to try.

  • #50619
     UNIX 
    Participant

    Nice review, cd1zz. So were there many topics covered which are not already covered in his public tutorials?

  • #50620
     cd1zz 
    Participant

    Not a lot, in fact he refers to them for more information. However, the value in having him there is picking up on how he thinks about things or all his little tricks.

  • #50621
     azmatt 
    Participant

    That was a really good review man.

  • #50622
     UNIX 
    Participant

    I was told that GPEN is required in order to sit for the GXPN exam, however, I couldn’t find such a statement on the official website. Can anyone confirm whether GPEN is required for GXPN or not? I might give it a try this year, so I’m wondering.

  • #50623
     cd1zz 
    Participant

    Nope, not a requirement. Might be a suggestion, but not a req.

  • #50624
     UNIX 
    Participant

    Thanks for the fast clarification, cd1zz!


Copyright ©2019 Caendra, Inc.
