sans.org/sec560 • Watch a preview of this course • Discover how to take this course: Online, In-Person SEC560: Enterprise Penetration Testing As a cybersecurity professional, you have a unique responsibility to identify and understand your organization s vulnerabilities and work diligently to mitigate them before the bad actors pounce. Are you ready? SEC560, the flagship SANS course for penetration testing, fully equips you to take this task head-on. In SEC560, you will learn how to plan, prepare, and execute a penetration test in a modern enterprise. Using the latest penetration testing tools, you will undertake extensive hands-on lab exercises to learn the methodology of experienced attackers and practice your skills. You’ll then be able to take what you’ve learned in this course back to your office and apply it immediately. This course is designed to strengthen penetration testers and further add to their skillset. The course is also designed to train system administrators, defenders, and others in security to understand the mindset and methodology of a modern attacker. Every organization needs skilled information security personnel who can find vulnerabilities and mitigate their effects, and this entire course is specially designed to get you ready for that role. Both the offensive teams and defenders have the same goal: keep the real bad guys out. SEC560 is designed to get you ready to conduct a full-scale, high-value penetration test, and at the end of the course you’ll do just that. After building your skills in comprehensive and challenging labs, the course culminates with a final real-world penetration test scenario. You’ll conduct an end-to-end pen test, applying knowledge, tools, and principles from throughout the course as you discover and exploit vulnerabilities in a realistic sample target organization. Author Statement “All security professionals need to understand modern attack tactics and principles. As a defender, incident responder, or forensic analyst, it is important to understand the latest attacks and the mindset of the attacker. In this course, penetration testers, red teamers, and other offensive security professionals will learn tools and techniques to increase the impact and effectiveness of their work. As the lead author for this course, I’m proud to bring my years of security experience (both offensive and defensive) as well as network/system administration experience to the course. We aim to provide a valuable, high-impact penetration testing course designed to teach experienced pen testers new tips, help prepare new penetration testers, and provide background to anyone dealing with penetration testers, Red Teams, or even malicious attackers. I personally enjoy teaching this course and sharing my experience and real-life examples with you.” —Tim Medin You Will Be Able To • Properly plan and prepare for an enterprise penetration test • Perform detailed reconnaissance to aid in social engineering, phishing, and making well-informed attack decisions • Scan target networks using best-of-breed tools to identify systems and targets that other tools and techniques may have missed • Perform safe and effective password guessing to gain initial access to the target environment, or to move deeper into the network • Exploit target systems in multiple ways to gain access and measure real business risk • Execute extensive post-exploitation to move further into the network • Use Privilege Escalation techniques to elevate access on Windows or Linux systems, or even the Microsoft Windows Domain • Perform internal reconnaissance and situational awareness tasks to identify additional targets and attack paths • Execute lateral movement and pivoting to further extend access to the organization and identify risks missed by surface scans • Crack passwords using modern tools and techniques to extend or escalate access • Use multiple Command and Control (C2, C&C) frameworks to manage and pillage compromised hosts • Attack the Microsoft Windows domain used by most organizations • Execute multiple Kerberos attacks, including Kerberoasting, Golden Ticket, and Silver Ticket attacks • Conduct Azure reconnaissance • Azure AD password spraying attacks • Execute commands in Azure using compromised credentials • Develop and deliver high-quality reports 6 Day Program 36 CPEs Laptop Required GPEN Penetration Tester giac.org/gpen “ I think if you genuinely want to learn how exploitation techniques work and how to properly think like a hacker, it would be silly not to attend SEC560.” —Marc Hamilton, McAfee GIAC Penetration Tester The GIAC Penetration Tester certification validates a practitioner’s ability to properly conduct a penetration test, using best practice techniques and methodologies. GPEN certification holders have the knowledge and skills to conduct exploits and engage in detailed reconnaissance, as well as utilize a process-oriented approach to penetration testing projects. • Comprehensive Pen Test Planning, Scoping, and Recon • In-Depth Scanning and Exploitation, Post-Exploitation, and Pivoting • In-Depth Password Attacks and Web App Pen Testing GPEN Penetration Tester giac.org/gpen
