| Title |
Speaker |
Date |
Sponsor |
| Finding the Hidden Visitor - Persistence Mechanisms to Look Out For |
|
Aug 3, 2021 |
| Would Your Organization Fail the Active Directory Security Assessment? |
|
Jun 22, 2021 |
| Shining a Light on BEC Risk and Fraud: How Active Defense Closes the BEC Intelligence Gap |
|
Jun 17, 2021 |
| Evolution of APT Activity |
|
Jun 8, 2021 |
| It Is Always DNS, SUNBURST Confirms |
|
May 25, 2021 |
| How to Spot C2 Traffic on Your Network |
|
May 25, 2021 |
| Advanced Web Application Penetration Testing: JWT Security Issues |
|
May 21, 2021 |
| Debunking Top Cloud Misconfiguration Myths |
|
May 21, 2021 |
| Tiered disaster recovery: Protecting data from ransomware and other accidents |
|
May 12, 2021 |
| Fireside Chat: Modern Cyber Threats require Modern Security Practices |
|
May 11, 2021 |
| SaaS Security: Balancing Security Risk Management and Business Enablement |
|
May 5, 2021 |
| Gaining Critical Data-Driven Insight to Effectively Measure and Manage Human Risk |
|
May 3, 2021 |
| The Shift to Cloud - Why SASE Changes Security Considerations |
|
Apr 30, 2021 |
| 2021 Network Security Report – Three Key Security Trends You Need to Know |
|
Apr 27, 2021 |
| Threat-Informed Defense and Purple Team Operations: Lessons from the Pentagon and U.S. Cyber Command |
|
Apr 16, 2021 |
| Network detection & response with open source tools |
John Gamble |
Apr 13, 2021 |
| iOS Third Party Apps Analysis: how to use the new reference guide poster |
|
Apr 6, 2021 |
| The Power of Open-Source Zeek (formerly Bro) |
|
Apr 1, 2021 |
| XSOAR HANDS-ON WORKSHOP: Take Your SOC To The Next Level! |
Brad Green |
Mar 30, 2021 |
| What if security vendors told the truth? |
|
Mar 17, 2021 |
| ExtraHop Reveal(x) Presents Hands-On Network Detection & Response |
|
Mar 16, 2021 |
| Think Red, Act Blue - Hacking Proprietary Protocols |
Ismael Valezuela, Douglas McKee |
Feb 23, 2021 |
| Hunting Logic Attacks - A Peak at SEC552: Bug Bounties & Responsible Disclosure |
Hassan El Hadary |
Jan 19, 2021 |
| SEC554: Blockchain and Smart Contract Security - How to lose $280 million with a single line of code |
Steven Walbroehl |
Nov 5, 2020 |
| Analyzing the OWASP API Security Top 10 for Pen Testers |
Davin Jackson |
Aug 31, 2020 |
| Hunting Logic Attacks - A Peak at SEC552: Bug Bounties & Responsible Disclosure |
Hassan El Hadary |
Aug 27, 2020 |
| SANS@MIC - Pen Testing ICS and Other Highly Restricted Environments |
Don C. Weber |
Aug 24, 2020 |
| SANS @MIC Talk - No SQL Injection in MongoDB applications |
Adrien de Beaupre |
Jul 27, 2020 |
| Cyber Security 101 for Human Resource Professionals |
Kelli Tarala |
Jul 22, 2020 |
| SANS@MIC - smbtimeline - An automated timeline for SMB Traffic |
Olaf Schwarz |
Jul 20, 2020 |
| Measuring and Improving Cyber Defense Using the MITRE ATT&CK® Framework |
Michael Zuckerman |
Jul 20, 2020 |
| Consulting: What Makes a Good Consultant, from the “Hiring One” and “Being One” perspectives |
Ted Demopoulos |
Jul 7, 2020 |
| Managing & Showing Value during Red Team Engagements & Purple Team Exercises |
Jorge Orchilles, Phil Wainwright |
Jul 2, 2020 |
| Extending Your Home Lab to include Cloud |
Ismael Valezuela, Justin Henderson |
Jul 1, 2020 |
| Overt Operations | When the Red Team gets in your Face! |
Matthew Toussain |
Jun 26, 2020 |
| Post Modern Web Attacks: Kubernetes Attack Matrix |
Moses Frost |
Jun 19, 2020 |
| Domain Name & DNS Hijacking: Learn Best Practices to Mitigate Risk and View Latest Domain Security Findings |
Mark Calandra and Jake Williams |
Jun 19, 2020 |
| SANS@MIC - Maldocs: a bit of blue, a bit of red |
Didier Stevens |
Jun 17, 2020 |
| SANS@MIC - Catch and release: phishing techniques for the good guys |
Jan Kopriva |
Jun 17, 2020 |
| Modern Web Application Penetration Testing Part 3, NoSQL injection with MongoDB |
Adrien de Beaupre |
Jun 5, 2020 |
| Enterprise and Cloud | Threat & Vulnerability Assessment |
Matthew Toussain |
Jun 4, 2020 |
| SANS@MIC - Waiting for a cyber range exercise is not enough |
Olaf Schwarz |
Jun 3, 2020 |
| Winning in the Dark - Defending Serverless Infrastructure in the Cloud |
Eric Johnson |
Jun 3, 2020 |
| Introduction to Writing Nmap NSE Scripts |
Jon Gorenflo |
Jun 2, 2020 |
| 7 Ways to Find Encrypted Network Threats Without Decryption |
Vince Stoffer, John Gamble |
May 28, 2020 |
| Post Modern Web Attacks: Cloud Edition |
Moses Frost, Molly Stewart |
May 22, 2020 |
| How to Better Understand HR to Accomplish our Cybersecurity Goals |
Jim Michaud |
May 21, 2020 |
| SANS @MIC Talk - Modern Domain Deception - The risk, issues and potentiality |
Agostino Panico |
May 17, 2020 |
| Building an Enterprise Grade Home Lab |
Ismael Valezuela, Justin Henderson |
May 13, 2020 |
| Act Like You’ve Been Hacked |
Ward Cobleigh |
May 12, 2020 |
| SANS @MIC Talk - Coalfire penetration testers charged with criminal trespass |
Ben Wright |
May 11, 2020 |
| Develop Technical Recall Skills: Spaced Repetition with Anki |
Joshua Wright |
May 8, 2020 |
| Mobile Assessments : Attack Surface and Frameworks |
Chris Crowley |
May 7, 2020 |
| SANS @MIC Talk - The Hackers Apprentice |
Mark Baggett |
May 6, 2020 |
| Multi-factor authentication bypass techniques you need to know about. |
Bryce Galbraith |
May 6, 2020 |
| Hacking Jenkins |
Ross Young |
Apr 20, 2020 |
| Using Deception Technologies to Defend Against Active Directory and Ransomware Attacks |
Kyle Dickinson, Kevin Fiscus and Rami Mizrahi |
Apr 16, 2020 |
| SANS @MIC Talk - Take Back The Advantage - Cyber Deception for the Win! |
Kevin Fiscus |
Apr 15, 2020 |
| SANS @MIC Talk- Check out SEC573! More Python3! More Pywars! |
Mark Baggett |
Apr 13, 2020 |
| Introduction to Reverse Engineering with IDA Pro - Stephen Sims |
Steve Sims |
Apr 11, 2020 |
| Dirty Defense, Done Dirt Cheap: Make your life easier by making mine harder |
Tim Medin |
Apr 9, 2020 |
| SANS @MIC Talk - Take Back The Advantage - Cyber Deception for the Win |
Kevin Fiscus |
Apr 8, 2020 |
| Detecting the Deceivers through Deception |
Tony Cole and Kevin Fiscus |
Apr 8, 2020 |
| Understanding Encryption |
Kevin Ripa |
Apr 7, 2020 |
| SANS CyberCast SANS@MIC - Domain Password Auditing with the Cloud |
Matthew Toussain |
Apr 6, 2020 |
| IDA Pro Challenge Walk Through & What\'s New in SEC760 \'Advanced Exploit Dev\' |
Huáscar Tejeda and Stephen Sims |
Apr 2, 2020 |
| SANS CyberCast - SANS@Mic - The Hackers Apprentice |
Mark Baggett |
Mar 30, 2020 |
| SANS CyberCast SANS@MIC - Stealth persistence strategies |
Erik Van Buggenhout |
Mar 30, 2020 |
| SANS CyberCast - SANS@Mic -Attacking Serverless Servers: Reverse Engineering the AWS, Azure, and GCP Function Runtimes |
Brandon Evans |
Mar 25, 2020 |
| Mobile Application Static Analysis |
Jeroen Beckers |
Mar 5, 2020 |
| Adversary Emulation and the C2 Matrix |
Jorge Orchilles |
Feb 26, 2020 |
| Modern Web Application Penetration Testing Part 2, Hash Length Extension Attacks |
Adrien de Beaupre |
Feb 20, 2020 |
| Real-World Implementation of Deception Technologies |
Kyle Dickinson |
Feb 19, 2020 |
| Passwords are a Solvable Problem! |
Matthew Toussain |
Feb 13, 2020 |
| 2019 SANS Holiday Hack Challenge Award Ceremony |
Ed Skoudis, Joshua Wright, Evan Booth |
Feb 13, 2020 |
| Why it’s easy being a hacker |
Chris Dale |
Feb 10, 2020 |
| Your Password Doesn’t Matter |
Alex Weinert |
Feb 5, 2020 |
| Shall We Play a Game? |
Timothy McKenzie |
Jan 28, 2020 |
| Microsoft Patch Tuesday crypt32.dll Vulnerability Overview |
Jake Williams and Johannes Ullrich |
Jan 15, 2020 |
| Why as a DoD Contractor Do I Need to Be CMMC Compliant |
Katie Arrington |
Jan 14, 2020 |
| SEC642: Killing snakes for fun, Flask SSTIs and RCEs in Python |
Moses Frost |
Jan 13, 2020 |
| Don’t Patch - Transformative Security Programs go Beyond the Vulnerability |
Matthew Toussain |
Dec 20, 2019 |
| WhatsApp End To End Encryption Demystified |
Raul Siles |
Dec 17, 2019 |
| Hacking Common AD Misconfigurations |
Tim Medin |
Dec 13, 2019 |
| Workforce Development What Works – Jason Jury – Booz Allen Hamilton |
Jason Jury and John Pescatore |
Dec 4, 2019 |
| Hiring and retaining for the SOC: Recruit, Train, and Retain Talented and Dedicated Staff |
Christopher Crowley |
Nov 14, 2019 |
| SEC588: Cloud Penetration Testing. What is it? What\'s different, and why? |
Moses Frost |
Nov 12, 2019 |
| What\'s New in SEC575: Mobile Device Security and Ethical Hacking |
Jeroen Beckers and Erik Van Buggenhout |
Nov 8, 2019 |
| Modern Web Application Penetration Testing Part 1, XSS and XSRF Together |
Adrien de Beaupre |
Oct 23, 2019 |
| When Hacking Becomes Deadly – InfoSec in the Age of Connected Medical Devices |
Kenneth May |
Oct 7, 2019 |
| Red, Blue and Purple Teams: Combining Your Security Capabilities for the Best Outcome |
Chris Dale and Bobby Kuzma |
Oct 3, 2019 |
| Dominating the Active Directory |
Erik Van Buggenhout |
Oct 2, 2019 |
| How to accelerate your cyber security career |
Stephen Sims |
Sep 5, 2019 |
| More Super Practical Blue Tips, Tools, and Lessons Learned from Team-Based Training: Coordinating Hand-Offs, Your Buddy RITA, and Microsoft Message Analyzer FOR THE WIN! |
Ed Skoudis and Joshua Wright |
Aug 28, 2019 |
| Kerberos & Attacks 101 |
Tim Medin |
Aug 21, 2019 |
| Legacy Authentication and Password Spray, Understanding and Stopping Attackers Favorite TTPs in Azure AD |
Mark Morowczynski and Ramiro Calderon |
Aug 19, 2019 |
| Practical tips to build a successful purple team |
Erik Van Buggenhout |
Aug 14, 2019 |
| SANS Introduction to Python Course |
Mark Baggett |
Aug 8, 2019 |
| A BEAST and a POODLE celebrating SWEET32 |
Bojan Zdrnja |
Jul 25, 2019 |
| Tips, Tricks, and Cheats Gathered from Red vs. Blue Team-Based Training |
Ed Skoudis and Joshua Wright |
Jul 23, 2019 |
| Effective Threat Hunting |
Chris Dale |
Jul 3, 2019 |
| Web App Testing 101 - Getting the Lay of the Land |
Mike Saunders |
Jun 21, 2019 |
| Increasing Visibility with Ixia\'s Vision ONE |
Serge Borso and Taran Singh |
Jun 18, 2019 |
| Secure Kubernetes Application Delivery |
Andrew Martin |
May 30, 2019 |
| Hacking without Domain Admin |
Tim Medin and Mike Saunders |
May 14, 2019 |
| Purple PowerShell: Current attack strategies & defenses |
Erik Van Buggenhout |
Apr 10, 2019 |
| 2018 Holiday Hack Challenge Winner Announcement and More! |
Ed Skoudis, Josh Wright and Evan Booth |
Mar 21, 2019 |
| Purple Kerberos: Current attack strategies & defenses |
Erik Van Buggenhout |
Mar 11, 2019 |
| Top 10 Writing Mistakes in Cybersecurity and How You Can Avoid Them |
Lenny Zeltser |
Feb 22, 2019 |
| Offensive WMI |
Tim Medin |
Feb 12, 2019 |
| Assumption of a breach: How a new notion can help protect your enterprise |
Tim Medin |
Jan 9, 2019 |
| Introducing the NEW SANS Pen Test Poster - Pivots & Payloads Board Game |
Jason Blanchard, Ed Skoudis, and Mick Douglas |
Dec 19, 2018 |
| Tips and Tricks for Customers and Pen Testers on How to Get Higher Value Pen Tests |
Chris Dale |
Dec 13, 2018 |
| A Practical Introduction into How to Exploit Blind Vulnerabilities |
Chris Dale |
Dec 11, 2018 |
| Passwords and Authentication - Get Up to Speed on Attacks and Defenses |
Chris Dale |
Nov 27, 2018 |
| How Hackers Run Circles Around Our Defenses |
Bryce Galbraith |
Oct 29, 2018 |
| Web Hacking with Burp Suite - Deep Dive into Burp Suite\'s Functionality for Pen Testers |
Chris Dale |
Oct 25, 2018 |
| Web Application Scanning Automation |
Timothy McKenzie |
Oct 17, 2018 |
| Python Decorators Demystified |
Mark Baggett |
Oct 16, 2018 |
| Hacker Techniques: Covert Command and Control |
Derek Rook |
Sep 17, 2018 |
| Password Cracking: Beyond the Basics |
Jon Gorenflo |
Sep 13, 2018 |
| Pen Testing with PowerShell: Automating the Boring so You Can Focus on the FUN! |
Mick Douglas |
Sep 6, 2018 |
| Pen Testing with PowerShell: Local Privilege Escalation Technique |
Mick Douglas |
Sep 4, 2018 |
| Weaponizing Browser-Based Memory Leak Bugs - Stephen Sims |
Stephen Sims |
Aug 23, 2018 |
| Pen Testing with PowerShell: Data Exfiltration Techniques |
Mick Douglas |
Aug 23, 2018 |
| What’s covered in the SANS Advanced Web App Pen Testing Course – SEC642? Thanks for Asking! |
Moses Hernandez |
Aug 15, 2018 |
| Intro to Smart Contract Security |
Jonathan Haas |
Jul 18, 2018 |
| PowerShell for PenTesting |
Mick Douglas |
Jul 17, 2018 |
| Enterprise Discovery: I Still Haven’t Found What I’m Looking For |
Tim Medin |
Jul 2, 2018 |
| Three free Python apps to improve your defenses and response capabilities |
Mark Baggett |
Jun 21, 2018 |
| So, You Wanna Be a Pen Tester? 3 Paths to Consider |
Ed Skoudis |
Jun 19, 2018 |
| Software Defined Radio for Penetration Testing and Analysis |
Larry Pesce |
Jun 19, 2018 |
| Which SANS Pen Test Course Should I Take? SEC560 Edition |
Ed Skoudis and Kevin Fiscus |
Jun 13, 2018 |
| Introduction to enterprise vulnerability assessment; finding Struts |
Adrien de Beaupre |
Jun 12, 2018 |
| Maximizing Your Existing Toolset… I Got 99 Tools, but Time Ain\'t One |
Jon Gorenflo |
Jun 7, 2018 |
| Everything I Didn’t Learn in School |
Jonathan Haas |
May 29, 2018 |
| Software Defined Radio for Penetration Testing and Analysis |
James Leyte-Vidal |
May 14, 2018 |
| Raspberry Honey Pi: Botnet for Good- A SANS Masters Degree Candidate Presentation |
Tim Collyer |
May 10, 2018 |
| Python Regular Expressions for the Win! |
Joff Thyer |
Apr 13, 2018 |
| Hitting every rock on the way down: A look back at 15 years of pentesting with John Strand |
John Strand |
Apr 12, 2018 |
| A Pentesters perspective: Catching attackers living off the land |
Jack Danahy and Dave Shackleford |
Apr 12, 2018 |
| Pausing the attack: deep dive on Pause-Process. A PowerShell script that allows you to pause and unpause potentially malicious attacks |
Mick Douglas |
Apr 5, 2018 |
| Being Offensive in the Workplace |
Derek Rook |
Mar 29, 2018 |
| Java on the Server? What Could Possibly Go wrong? |
Adrien de Beaupre |
Mar 28, 2018 |
| How hackers run circles around our defenses. |
Bryce Galbraith |
Mar 28, 2018 |
| 2017 SANS Holiday Hack Challenge Award Ceremony & Tutorial |
Ed Skoudis |
Mar 15, 2018 |
| OSINT for Pentesters: Finding Targets and Enumerating Systems |
Micah Hoffman and David Mashburn |
Mar 2, 2018 |
| Mind the Gap: going beyond penetration testing for security improvement |
Caspian Kilkelly, Senior Advisory Services Consultant, Rapid7 |
Feb 27, 2018 |
| A pen-testers perspective on malware & ransomware attack techniques and the state of endpoint security |
Jack Danahy and Jake Williams |
Feb 22, 2018 |
| Security is QA: My Path from Developer to Pen Tester |
Joshua Barone |
Feb 16, 2018 |
| Windows Baselining and Remote System Assessment: For the Low-low Price of Free-ninety-free |
Chris Pizor and John Strand |
Feb 16, 2018 |
| Which SANS Pen Test Course Should I Take? - February 2018 Edition |
Ed Skoudis and Josh Wright |
Feb 14, 2018 |
| Debugging Python Code for mere mortals |
Mark Baggett |
Feb 12, 2018 |
| 2 > 1: Teaming Up for Social Engineering Adventures |
Jen Fox |
Feb 8, 2018 |
| OSINT for Everyone: Understanding Risks and Protecting Your Data |
Micah Hoffman and Josh Huff |
Feb 1, 2018 |
| Head Hacking |
Tim Medin |
Jan 16, 2018 |
| Introducing the *NEW* SANS Pen Test Poster - Building A Better Pen Tester - Blueprint |
Ed Skoudis and Jason Blanchard |
Jan 9, 2018 |
| Java on the server? What could possibly go wrong? |
Adrien de Beaupre and Jason Blanchard |
Dec 8, 2017 |
| Security and Ops Hacks |
Sonny Sarai |
Dec 6, 2017 |
| Which SANS Pen Test Course Should I Take? November 2017 Edition |
Ed Skoudis, Larry Pesce, and Jason Blanchard |
Nov 9, 2017 |
| The facts about KRACK and your WPA enabled WiFi network |
Larry Pesce |
Oct 19, 2017 |
| Strut(s) your stuff. |
Moses Hernandez |
Oct 13, 2017 |
| Beyond Scanning: Delivering Impact Driven Vulnerability Assessments |
Matthew Toussain |
Oct 4, 2017 |
| New SANS Course - How to Prevent, Detect & Respond to an Advanced Attack |
Erik Van Buggenhout and Stephen Sims |
Oct 3, 2017 |
| Breaking Red - Designing IOCs Using Red Team Tools |
Joe Vest |
Sep 18, 2017 |
| Harness the Hacker With Breach and Attack Simulation |
Itzik Kotler and John Pescatore |
Sep 13, 2017 |
| Building Your Own Super-Duper Home Lab |
Jeff McJunkin and Jason Blanchard |
Aug 24, 2017 |
| Which SANS Pen Test Course Should I Take? |
Ed Skoudis, Mark Baggett, and Jason Blanchard |
Aug 23, 2017 |
| PowerShell Proxy |
Kenton Groombridge |
Jul 18, 2017 |
| Catch Me if You can - Pentesting vs APT |
Mor Levi |
Jun 15, 2017 |
| Obfuscated No More: Practical Steps for Defeating Android Obfuscation |
Joshua Wright |
May 5, 2017 |
| WikiLeaks\' Release of CIA Hacking Tools: What Security Professionals Need to Know |
Jake Williams and Rick McElroy |
Apr 26, 2017 |
| Profiling Online Personas: Are We Sharing Too Much? |
Micah Hoffman and Lance Spitzner |
Mar 23, 2017 |
| Breaking Red - Understanding Threats through Red Teaming |
Joe Vest and James Tubberville |
Mar 17, 2017 |
| I Don\'t Give One IoTA: Introducing the Internet of Things Attack Methodology |
Larry Pesce |
Mar 16, 2017 |
| Going Past the Wire: Leveraging Social Engineering in Physical Security Assessments |
Stephanie Carruthers |
Mar 15, 2017 |
| The Problems with the Dark Web: From Crime to Complicated Crawling |
Emily Wilson and Alex Viana |
Feb 23, 2017 |
| So What\'s It Mean To Hack a Car |
Matt Carpenter |
Feb 21, 2017 |
| Elevators as Security Risks... What Goes Up May Let You Down |
Deviant Ollam |
Feb 7, 2017 |
| Automating Information Security |
Mark Baggett |
Jan 31, 2017 |
| Introducing the NEW SANS Pen Test Poster - White Board of Awesome Command Line Kung-Fu |
Ed Skoudis |
Jan 25, 2017 |
| Opening a can of Active Defense and Cyber Deception to confuse and frustrate attackers |
Chris Pizor, Ed Skoudis, and John Strand |
Dec 5, 2016 |
| Top Methods Pen Testers Use to Socially Engineer Their Way In |
Dave Shackleford and Lance Spitzner |
Nov 29, 2016 |
| Navigating SANS Pen Test Cheat Sheets for Fun and Profit |
Ed Skoudis |
Sep 8, 2016 |
| Running a Better Red Team Through Understanding ICS/SCADA Adversary Tactics |
Robert M. Lee |
Aug 10, 2016 |
| This phish goes to 11, w/ Guest: “SNOW” [DEF CON 22 Social Engineering CtF - Black Badge Winner] |
Stephanie Carruthers |
May 11, 2016 |
| HTTP/2 & Websockets Are Gonna Change the Pen Test World. Are You Ready? |
Justin Searle and Adrien de Beaupre |
Apr 13, 2016 |
| Easier Web App Pen Testing by Leveraging Plugins & Extensions |
Micah Hoffman |
Oct 27, 2015 |
| Security Evaluation of Mobile Applications using 'App Report Cards' |
Raul Siles |
Oct 13, 2015 |
| Complete Application pwnage via Multi-POST XSRF |
Adrien de Beaupre |
Oct 9, 2015 |
| Manual Testing is a Must, but Automation is Divine |
Ed Skoudis and John Strand |
Oct 2, 2015 |
| DIY vulnerability discovery with DLL Side Loading |
Jake Williams |
Sep 22, 2015 |
| What you need to know about Stagefright |
Josh Wright and Brian LaFlamme |
Aug 14, 2015 |
| Hacking for the Masses |
Mark Baggett |
Aug 3, 2015 |
| SANS NetWars: Building a Better InfoSec Pro with Gamification |
Ed Skoudis, Josh Wright, and Jeff McJunkin |
Jul 14, 2015 |
| A Taste of SANS SEC660: Utilizing ROP on Windows 10 |
Stephen Sims |
Jun 22, 2015 |
| If it fits, it sniffs: Adventures in WarShipping |
Larry Pesce |
Apr 23, 2015 |
| Saboreando SANS SEC575: Seguridad y pen-testing de dispositivos, apps, comunicaciones y entornos moviles |
Raul Siles |
Apr 21, 2015 |
| Adventures in High-Value Pen Testing: A Taste of SANS Security 560" by Ed Skoudis |
Ed Skoudis |
Apr 6, 2015 |
| How to Build Account Harvesters and Password Guessers with Python |
Ed Skoudis and Michael Murr |
Apr 3, 2015 |
| SANS 8 Mobile Device Security Steps |
Christopher Crowley, SANS Certified Instructor |
Mar 31, 2015 |
| Pillage the Village Redux: More Pen Test Adventures in Post Exploitation |
John Strand |
Mar 19, 2015 |
| Pillage the Village Redux: More Pen Test Adventures in Post Exploitation |
Ed Skoudis, and John Strand |
Feb 26, 2015 |
| Shellshock hands-on |
Eric Conrad |
Feb 25, 2015 |
| How to Give the Best Pen Test of your Life |
Ed Skoudis, SANS Faculty Fellow |
Dec 18, 2014 |
| Securing Personal and Mobile Device Use with Next-Gen Network Access Controls |
Joshua Wright, Jack Marsal, Matt Santill |
Nov 14, 2014 |
| CyberCity Hands-on Kinetic Cyber Range Webcast |
Ed Skoudis, Tim Medin |
Nov 11, 2014 |
| Ramping Up Your Phishing Program |
Cheryl Conley, Business Area Information Security Officer, Lockheed Martin |
Oct 30, 2014 |
| Patch Pwnage: Ripping Apart Microsoft Patches to Build Exploits |
Stephen Sims |
Oct 8, 2014 |
| Your App is Leaking! - Bypassing Exploit Mitigations for Pentesters... |
Stephen Sims |
Sep 8, 2014 |
| How Not To Fail at a Pen Test |
John Strand and Ed Skoudis |
Aug 25, 2014 |
| SQL Injection Exploited |
Micah Hoffman |
Aug 8, 2014 |
| Demanding MOAR From Your Vulnerability Assessments & Pen Tests by Ed Skoudis |
Ed Skoudis and Morey J. Haber |
Jul 31, 2014 |
| How To Not Fail At Pentesting |
John Strand |
Jul 9, 2014 |
| Secrets of Exploiting Blind SQL Injection |
Justin Searle |
Apr 30, 2014 |
| OpenSSL "Heartbleed" Vulnerability |
Jake WIlliams |
Apr 9, 2014 |
| Your Pen-Test has a Glaring Weakness - Emulating the Attackers Better with Social Engineering |
Dave Shackleford & James Lyne |
Mar 10, 2014 |
| SANS Asia-Pacific Series: A Taste of SANS SEC660 - Advanced Penetration Testing: Attacking Network Devices |
|
Mar 5, 2014 |
| Secrets of Exploiting Local and Remote File Inclusion |
Justin Searle |
Feb 18, 2014 |
Security Training
Security Certification
Internet Storm Center
College Cybersecurity Programs
Security Awareness Training
Blue Team Operations
Forensics & Incident Response
Offensive Operations
Industrial Control Systems
Cloud Security
Cybersecurity Leadership
Government Private Training
