Join us for the FREE Cyber Defense Forum | Live Online on October 9


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

CyberCity Hands-on Kinetic Cyber Range Webcast

  • Tuesday, November 11, 2014 at 1:00 PM EDT (2014-11-11 18:00:00 UTC)
  • Tim Medin, Ed Skoudis

You can now attend the webcast using your mobile device!



Based on the brand SANS new course, SEC562: CyberCity Hands-on Kinetic Cyber Range Exercise, this webcast will cover a few of the useful techniques learned and practiced in the course, such as:

  • Effective use of multiple shells and tunnels to get you deeper and further into your target
  • Duplicating a Meterpreter session for redundancy and team work, because sharing is indeed caring
  • Attacking the ICS/SCADA protocol Modbus to inject and forge traffic

The SANS SEC562 course, SANS' newest course debuting at SANS CDI in December, is a hands-on course that offers practical hands-on scenarios that replicate a wide range of real-world scenarios. The scenarios are built upon SANS CyberCity and use assets that you would find in a real city, including real ICS hardware and software. The exercises are performed in teams, just like they are in the real world, a fun way to foster teamwork and communication. This ground breaking course uses the SANS NetWars system to guide and direct the teams through the wide range of missions to create a fun and interactive course to build your knowledge and practical skills.

Learn more about the course at

Speaker Bios

Ed Skoudis

Ed Skoudis is the founder of Counter Hack, an innovative organization that designs, builds, and operates popular infosec challenges and simulations including CyberCity, NetWars, Cyber Quests, and Cyber Foundations. As director of the CyberCity project, Ed oversees the development of missions which help train cyber warriors in how to defend the kinetic assets of a physical, miniaturized city. Ed's expertise includes hacker attacks and defenses, incident response, and malware analysis, with over fifteen years of experience in information security. Ed authored and regularly teaches the SANS courses on network penetration testing (Security 560) and incident response (Security 504), helping over three thousand information security professionals each year improve their skills and abilities to defend their networks. He has performed numerous security assessments; conducted exhaustive anti-virus, anti-spyware, Virtual Machine, and IPS research; and responded to computer attacks for clients in government, military, financial, high technology, healthcare, and other industries. Previously, Ed served as a security consultant with InGuardians, International Network Services (INS), Global Integrity, Predictive Systems, SAIC, and Bell Communications Research (Bellcore). Ed also blogs about command line tips and penetration testing.

Tim Medin

Tim Medin is the founder and Principal Consultant at Red Siege, a company focused to adversary emulation and penetration testing. Tim is also the SANS MSISE Program Director and author of several SANS courses. Through the course of his career, Tim has performed penetration tests on a wide range of organizations and technologies. He gained information security experience in a variety of industries including previous positions in control systems, higher education, financial services, and manufacturing. Tim is an experienced international speaker, having presented to organizations around the world. Tim is also the creator of Kerberoasting, a technique to extract kerberos tickets in order to offline attack the password of enterprise service accounts. Tim earned his MBA through the University of Texas. 

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.