SANS Online Training Special: Get an iPad Mini, Chromebook Flip, or $250 Off until 10/30! 


To attend this webcast, login to your SANS Account or create your Account.

Pillage the Village Redux: More Pen Test Adventures in Post Exploitation

  • Thursday, March 19th, 2015 at 9:00 AM EDT (13:00:00 UTC)
  • John Strand
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!


Join SANS Instructor John Strand as he discusses some really novel approaches to demonstrating business risk through penetration testing - with some awesome recommendations for post-exploitation activities. John will look at ways to surreptitiously plunder target machines and pivot through target environments more flexibly than ever in this fun and engaging webcast. Every security professional (from defender through analyst through pen tester) should know about these techniques, which mimic the capabilities of real-world bad guys.

We will also be sharing a new backdoor we created which uses gmail as a command and control point and some awesome new netsh research by Ed Skoudis!

Speaker Bio

John Strand

John Strand currently is the owner and senior security researcher with Black Hills Information Security, and a consultant with Argotek, Inc for TS/SCI programs. As a certified SANS instructor he teaches: 504 "Hacker Techniques, Exploits and Incident Handling," 517, "Cutting Edge Hacking Techniques," and 560 "Network Penetration Testing." He is a contributing author of Nagios 3 Enterprise Network Monitoring, and a regular contributor to SearchSecurity's "Ask the Expert" series on the latest information security threats. He also regularly posts videos demonstrating the latest computer attacks and defenses at He started the practice of computer security with Accenture Consulting in the areas of intrusion detection, incident response, and vulnerability assessment/penetration testing. John then moved on to Northrop Grumman specializing in DCID 6/3 PL3-PL5 (multi-level security solutions), security architectures, and program certification and accreditation. He has a masters degree from Denver University and is currently also a professor at Denver University. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.