GPEN

The GIAC Penetration Tester (GPEN) is one of the most recognized penetration testing certifications. Not quite as daunting as the OSCP, but a challenging certification nonetheless.

The GPEN exam covers a comprehensive list of topics, including:

Advanced Password Attacks

  • Attacking Password Hashes
  • Command Shell vs. Terminal Access
  • Enumerating Users
  • Exploitation Fundamentals
  • General Web Application Probing
  • Initial Target Scanning
  • Metasploit
  • Moving Files with Exploits
  • Password Attacks
  • Pen-testing Foundations
  • Pen-testing Process
  • Pen-Testing via the Command Line
  • Reconnaissance
  • Scanning for Targets
  • Vulnerability Scanning
  • Web Application Attacks
  • Wireless Crypto and Client Attacks
  • Wireless Fundamentals

 

Here’s what you need to know about the exam process:

  • Number of questions – 115
  • Time limit – 180 minutes (3 hours)
  • Passing score – 74% or higher
  • Prerequisites – none
  • Cost – $999 (or $579 if you take the accompanying SANS course)
  • Certification must be renewed every four (4) years

 

If you want to prepare for the GPEN exam, check out the following resources:

 

Professional Penetration Testing: Volume 1: Creating and Learning in a Hacking Lab

Professional Penetration Testing: Volume 1: Creating and Learning in a Hacking Lab

 

Penetration Tester's Open Source Toolkit, Third Edition

Penetration Tester’s Open Source Toolkit, Third Edition

 

The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy

The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy

 

Metasploit Penetration Testing Cookbook

Metasploit Penetration Testing Cookbook

 

Penetration Testing and Network Defense

Penetration Testing and Network Defense

 

Click here to visit the GIAC GPEN website.



Leave a Reply