Two More Days to Get a $400 Amazon Gift Card with qualifying OnDemand course purchase! Don't Miss Out!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Pillage the Village Redux: More Pen Test Adventures in Post Exploitation

  • Thursday, March 19, 2015 at 9:00 AM EDT (2015-03-19 13:00:00 UTC)
  • John Strand

You can now attend the webcast using your mobile device!



Join SANS Instructor John Strand as he discusses some really novel approaches to demonstrating business risk through penetration testing - with some awesome recommendations for post-exploitation activities. John will look at ways to surreptitiously plunder target machines and pivot through target environments more flexibly than ever in this fun and engaging webcast. Every security professional (from defender through analyst through pen tester) should know about these techniques, which mimic the capabilities of real-world bad guys.

We will also be sharing a new backdoor we created which uses gmail as a command and control point and some awesome new netsh research by Ed Skoudis!

Speaker Bio

John Strand

John Strand currently is the owner and senior security researcher with Black Hills Information Security, and a consultant with Argotek, Inc for TS/SCI programs. As a certified SANS instructor he teaches: 504 "Hacker Techniques, Exploits and Incident Handling," 517, "Cutting Edge Hacking Techniques," and 560 "Network Penetration Testing." He is a contributing author of Nagios 3 Enterprise Network Monitoring, and a regular contributor to SearchSecurity's "Ask the Expert" series on the latest information security threats. He also regularly posts videos demonstrating the latest computer attacks and defenses at He started the practice of computer security with Accenture Consulting in the areas of intrusion detection, incident response, and vulnerability assessment/penetration testing. John then moved on to Northrop Grumman specializing in DCID 6/3 PL3-PL5 (multi-level security solutions), security architectures, and program certification and accreditation. He has a masters degree from Denver University and is currently also a professor at Denver University. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.