Nov 4, 2018
Posted in blog, Information Security, Reviews
SEC 542 SANS Course Review
So I wanted to post a blog post on my experience related to the SEC 542 course. This way I can share my experience out there with others, and hopefully give others insight to see if the course is a right fit for them too.
Now because I took the vLive course, my course was not a 4-6 day course. This course was actually completed over 6+ weeks with 2 class sessions per a week. This was an excellent course, very well designed and presented out to students. There were things I already knew and had experienced. But, there were a lot of tools that were introduced in the course, which I had not used or heard of before. And, these tools definitely help save some time especially when it comes down to recon.
I’ll briefly list some of the things you learn during each week, but for the full list you’ll have to take the course for yourself. Trust me, it’s an awesome course! Read The Full Post
Aug 26, 2018
Posted in blog, Featured, Information Security, pen testing, Reviews
Passing The GWAPT Exam
So, I finally went for it and attempted the GIAC GWAPT exam and passed it! I’ve been conducting some pen tests prior to taking the SANS SEC 542 course and the GWAPT exam. The course taught me many new things, and gave me a new perspective, and insight when it comes to web application pen testing. This blog post is to share my experience on how to best prepare for taking the GWAPT exam.
Should I take this exam or challenge the GWAPT ?
Many people will ask themselves this very same question. The best answer really depends on what your career goals are for your future. If you plan on being a pen tester, then this is a must at least if you are new or an intermediate to web pen testing. These days the Internet is filled with web applications, and now with more data and applications placed in the cloud. WebApp pen testing is a skill in demand and will be needed to test anything open to the public via the cloud.
Studying
Read The Full Post
Apr 25, 2018
Posted in blog, Featured, Information Security, pen testing
SANS 542 – Winning the CTF Event
I just finished taking the SANS 542 vLive class on Web Application Penetration testing. During the last week (week 6) of the course, we have a CTF (Capture The Flag) event, where you team up with other classmates to exploit systems in a special SANS virtualized environment.
In our event, it started off being a bit unfair where the team I was on had 1 other person with me. While, the team on the other end had 4 members, so it was a 4 vs. 2 battle for most of the CTF. SANS has a similar environment as to one you would see at SANS Netwars. There is an area to create a team name, see your team rank and scores, as well as questions that are asked to you.
In the event our team thepentestninjas won the event leading the other team by over 100 points. We compromised all of the servers on the network, and completed the Level 3 mark. We however, got the very last system with 1 minute to spare.
SANS now has started a new program where they give out special SANS coins to winners of these types of events.
What is a SANS Pentest Coin?
(more…)
My name is Harry Taheem
I am a Cyber Security Engineer.
My aim is to post things I learn or find interesting and allow others to hopefully gain some more insight. I also plan on posting general IT related issues, as Iād like 
