Tag: Penetration Testing

GIAC, GIAC GXPN, GXPN Exam, Writing exploits

Passed GIAC GXPN Exam

Hey guys, I challenged and passed certification exam for SANS 660 – GIAC Exploit Developer and Advanced Penetration Tester (GXPN) recently.

As with most of my previous GIAC exams, I did a self-study for GXPN as well. SANS / GIAC categorizes this exam / course as ‘Advanced’ so keep that in mind when preparing.

Exam objective break up list is available on GIAC GXPN site and must be the first place to prioritize study plan. As I see it, there are 2 sections to plan for.

GIAC, GIAC GWAPT, GWAPT Exam

Passed GIAC GWAPT Exam

First update of this year.

I sat for & passed the SANS GIAC Web Application Penetration Testing – GWAPT – exam on January 14, 2012. I found the exam was pretty tough as compared to the previous GIAC exams I had attempted – GPEN, GCIH, and GREM.

Analysis

[Metasploit Pro] Client-side exploitation

This write-up shows how you can get up & running with client-side / phishing assessment using Metasploit Pro 4.0.

Let’s start by creating a new project. …