GIAC GPEN Training Material
ibcritn
Member Posts: 340
Any suggestions from those who have passed the GPEN exam, or are currently preparing for it?
I have seen talk about putting together training material from several sources based on the exam objectives, but I was wondering if anyone had any specific recommendations.
So far I plan to grab:
Professional Penetration Testing: Creating and Operating a Formal Hacking lab by Thomas Wilhelm
Looking for any suggestions besides taking the SANS course....which I really want to try to avoid due to cost.
I have seen talk about putting together training material from several sources based on the exam objectives, but I was wondering if anyone had any specific recommendations.
So far I plan to grab:
Professional Penetration Testing: Creating and Operating a Formal Hacking lab by Thomas Wilhelm
Looking for any suggestions besides taking the SANS course....which I really want to try to avoid due to cost.
CISSP | GCIH | CEH | CNDA | LPT | ECSA | CCENT | MCTS | A+ | Net+ | Sec+
Next Up: Linux+/RHCSA, GCIA
Next Up: Linux+/RHCSA, GCIA
Comments
-
slinuxuzer Member Posts: 665 ■■■■□□□□□□I don't have GPEN and am not currently studying for it, I have recently been updating some of my security / pentesting skills in hopes that I can get my compentency level up high enough to be able to take a shot at the OSCP course.
I might start out by suggesting the following for your GPEN stuides.
1. Download the live cd's created by Thomas Wilhelm to practice various things against, they should be easy enough to find at heorot.net or through googling his name, he has a couple of sites.
2. I assume you already have backtrack4 downloaded and working wich has the metasploit3 framework, you should be able to find "Metasploitable" through bit torrent, it is also a linux live cd designed to be exploitable via metasploit.
3. Securitytube.net and youtube.com are your friends when it comes to trying to learn a new hack or procedure, this is one of the great advancements of our age and if your not taking advantage your hurting yourself.
4. www.safaribooksonline.com has a membership plan for around 10$ a month that allows you access to literally thousands of books, the book you mentioned I believe is on there not to mention tons of other security books (the latest hacking exposed wireless book is on there, which leads me to believe they will start carrying all hacking exposed from this point on)
5. The hacking exposed books are really good references, if you have never looked at them they basically go down all the phases of what you would do during a pentest and explain different techniques, most popular tools, and there is usually enough technical information about each attack to understand / get the jist of it, this is immediatly followed up with possible countermeasures to each attack. -
Bl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□Have you looked at the ethical hacker network? There seem to be some good post there on the subject:
The Ethical Hacker Network - SANS GPEN Self-Study alternative ?
The Ethical Hacker Network - How I passed GPEN!!! -
ibcritn Member Posts: 340Thanks slinuxuzer and Bl8ckr0uter....Great advice!
I will take a look at those suggestions and add them to my study plan for the exam.CISSP | GCIH | CEH | CNDA | LPT | ECSA | CCENT | MCTS | A+ | Net+ | Sec+
Next Up: Linux+/RHCSA, GCIA