I recently passed GXPN with great score (96%) and here I write my review about the course and the exam.
SANS/GIAC is the most informative and prestigious training/certification in information security industry. GXPN is the most advanced certification in Penetration Testing offered by SANS/GIAC.
I’ve almost 7 years experience in Penetration Testing and almost 75% hands-on and scattered knowledge of the course syllabus.
SANS 660 Course
SEC 660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking is the course for GXPN. The course is very informative and giving almost everything you want to start writing finding vulnerabilities and writing exploits.
The course has 6 days where:
Day 1: This day talks mainly network level attacks starting with bypassing NAC, MitM attacks, routing protocols attacks, SNMP, network manipulation and others.
Day 2: This day talks about crypto algorithms and attacks then it goes back to network booting attacks, then Powershell for penetration testers and finally attacks on restricted environment like Kios, SRP and AppLocker.
Day 3: Here things are getting more difficult. This day talks about Python, Scapy, Sulley and other fuzzing tools.
Day 4: This day talks about Linux exploitation, but it starts with introduction about memory and CPU especially in Linux.
Day 5: This day talks about Windows exploitation and anti-exploitation techniques.
Day 6: Bootcamp (CTF).
The exam is objective with about 60 questions. There are 7 lab exams where I had access to remote desktop in order to be able to figure out the answer.
The exam is open book and I had prepared two indexes for it. The first is about every tool used in the course, the usage and the page number. The other index, is the term index.
I had two practical tests before the real attempt, for the first practical test I decided to take it to measure my understanding for the course so I set immediately after the course and without the books and without preparing my index. I got 89% score which was very promising for me.
I needed about 10 days to go through the books and build my indexes. Then I set for the second practical exam with the index and the books. I got 87% this time which also gave the confidence that I am well prepared for the exam so I scheduled the exam.
In the exam, I’ve my the following with me:
– The books
– PE File format
– TCP/UDP common ports
– Metasploit Meterpreter commands
I’ve finished the exam after 2 hours and 30 minutes and got 96% score :D.
SANS Advisory Board
In the same day, I got an invitation from SANS to join their advisory board as I got high score in GXPN.