search
top
Currently Browsing: Featured

Review of SEC545 Cloud Security Architecture and Operations

SEC545: Cloud Security Architecture and Operations

Just recently I went to attend a local SANS Community class in my city. For those that are not aware, SANS Community classes are usually smaller classes with 5-10+ students. It’s a small venue with more of a small class size, but the material would be the same that SANS would teach on vLive, OnDemand, or at a SANS conference.

I can say that the SEC545: Cloud Security Architecture and Operations class is VERY popular. There were many students there that were not hardcore SANS enthusiasts such as myself. Many people were there on the basis that companies are all now starting to move to the cloud. And, many companies are worried about the security implications of moving, and with larger concerns on if the architecture is not setup and configured correctly.

The class was very much AWS focused, which was great for me in terms of learning AWS. However, Read The Full Post

Passing The GWAPT Exam

Passing The GWAPT Exam

So, I finally went for it and attempted the GIAC GWAPT exam and passed it! I’ve been conducting some pen tests prior to taking the SANS SEC 542 course and the GWAPT exam. The course taught me many new things, and gave me a new perspective, and insight when it comes to web application pen testing. This blog post is to share my experience on how to best prepare for taking the GWAPT exam.

Should I take this exam or challenge the GWAPT ?

Many people will ask themselves this very same question. The best answer really depends on what your career goals are for your future. If you plan on being a pen tester, then this is a must at least if you are new or an intermediate to web pen testing. These days the Internet is filled with web applications, and now with more data and applications placed in the cloud. WebApp pen testing is a skill in demand and will be needed to test anything open to the public via the cloud.

Studying

Read The Full Post

Automating NMAP Scans

Automating NMAP Scans

 

Why do I need automation ?

Security analysts just don’t have the time to always run manual tests. Let’s say I wanted to monitor my ports and services open on my external lab IP address. It is not feasible for me to run a scan at 3am every day for the rest of my life. Therefore, if I had a tool that could automatically run a scan, check to see if anything suspicious is found and can alert me if that is the case would be hugely beneficial. In my case, I have created a method to do this and it is a very simple and straight forward method that virtually any one can use!

 

How can I create a NMAP scanning server ?

Servers are pretty easy to put up whether it’s a Virtual Image that’s spun up on a bare box, desktop, or in the cloud. In my case a Linux Ubuntu Server was used. It has a firewall and is assigned an external public IP address. It then has the ability to scan my lab network public IP address to be able to identify any open ports/services. It’s a great way to gain some visibility into knowing if any new ports were opened that shouldn’t have been or were missed.

*WARNING* please be sure that the network you are scanning is your own, or that you have WRITTEN PERMISSION to scan the network you desire. Scanning networks where you have no written permission can lead to legal issues, so please be sure you have permission or ownership of a network before doing so.

Read The Full Post

SANS 542 – Winning the CTF Event – Coinage

SANS 542 – Winning the CTF Event

I just finished taking the SANS 542 vLive class on Web Application Penetration testing. During the last week (week 6) of the course, we have a CTF (Capture The Flag) event, where you team up with other classmates to exploit systems in a special SANS virtualized environment.

In our event, it started off being a bit unfair where the team I was on had 1 other person with me. While, the team on the other end had 4 members, so it was a 4 vs. 2 battle for most of the CTF. SANS has a similar environment as to one you would see at SANS Netwars. There is an area to create a team name, see your team rank and scores, as well as questions that are asked to you.

In the event our team thepentestninjas won the event leading the other team by over 100 points. We compromised all of the servers on the network, and completed the Level 3 mark. We however, got the very last system with 1 minute to spare.

SANS now has started a new program where they give out special SANS coins to winners of these types of events.

What is a SANS Pentest Coin?

(more…)

Passing The GSEC Exam

Passing The GSEC Exam

So, I’ve officially nailed down another Information Security certificate. And, this time a certificate from the SANS Institute with their GIAC- GSEC certificate. I thought I’d make a post for other people that plan to challenge the exam, and share my own personal experience through it all.

Is it Right For Me ?

The big question would be why are you thinking of obtaining this certificate? Does your work require it? Are you new to the information security field and want a better foothold into the industry? Do you wish to gain more knowledge and/or a higher quality of training? If it’s any of those reasons apply to you, then I would definitely point you towards getting your GSEC certificate.

Preparing For The Exam

So some may ask how they can best prepare for the exam? (more…)

« Previous Entries

top