Real World Pen Testing

Veris Group, LLC


USA 2011 4-day Training Session //July 30 - Aug 2


So what exactly IS a penetration test and how do you define a qualified penetration tester? How do you identify a comprehensive and successful penetration test? These questions have loomed over the security community for many years without concrete answers, leading to often sub-standard engagements and an inability to differentiate service offerings in the penetration testing field. Meanwhile, regulations now require organizations in many industries to conduct "penetration tests," leading many consultancies to begin offering penetration testing services. However, methodologies for conducting penetration tests have not kept up with the dramatic increase in demand for assessments that must be conducted with limited resources and within pre-defined timeframes. On a national level, the National Board of Information Security Examiners (NBISE) has begun work on driving consistency in the penetration testing field through the development of a competency measurement model for the field.

The purpose of this course is to assist participants in conducting penetration tests in defined time periods that are consistent, repeatable and measurable. The goal of such assessments should be to provide customers with valuable insight into real world risk and business impact of network intrusions, while working with constrained resources, mid-level testers and limited engagement timeframes. Such assessments cannot be designed to cover every possible attack vector, but should cover likely intrusion points into an organization's network. This course will both review technologies and associated penetration testing methods and provide a methodology for conducting defined penetration tests. A wide range of topics will be covered, from soft skills to exploitation techniques for network devices, Windows and Unix systems with a large number of associated practical, lab-based scenarios. In addition, course scenarios will be closely related to NBISE's competency assessment and situational judgment scenarios.

Most importantly, this course is designed for participants to walk away with the ability to actually conduct thorough, operationally focused network penetration tests. Participants will be presented with a myriad of information and practical scenarios designed to mimic customer environments. As such, this course is not targeted at participants without experience and previous training in the topic areas. It is expected that the student have a fundamental understanding of the material presented in the syllabus.

Who Should Take This Class

The course is also meant to provide a broad technical overview of many technologies with a heavy practical scenario-based lab focus. Labs will be very technically difficult and designed to emulate testing environments.

Student Requirements, experience/expertise

Participants should have two to three years of information security assessment experience with the ability to conduct common penetration testing activities without assistance. This includes conducting information gathering and network enumeration activities, quickly launching exploits with a chosen exploit framework, and conducting privilege escalation, post-exploitation information gathering and network foothold activities.

What You Need to Bring

  • Laptop with a Windows environment, at least 20 GB of free space and 2 GB of RAM
  • VMware Player or another VMware product. Other VM products will not be supported by the instructors (Backtrack will be provided and may act as the Unix environment)
  • It is recommended that the following tools be installed (many of them are included in Backtrack; however, participants should bring the tools they are most comfortable with)

    • Exploitation framework
    • Network mapping tool
    • Packet capture tool
    • Windows system administrative/manipulation tools
    • Password cracker

What we will cover:

Day 1

  • Introduction & Soft Skills
  • Engagement Lifecycle
  • Open Source Intelligence Gathering
  • Network Technologies: 1.75 hours

Day 2

  • Network Level Attacks
  • Network Enumeration
  • Windows Environments

Day 3

  • Windows Exploitation
  • Windows Post-Exploitation
  • Windows Exploitation Countermeasures

Day 4

  • Unix Environments
  • Unix Exploitation
  • Unix Post-Exploitation
  • Unix Exploitation Countermeasures
  • Capstone Exercise

Materials Provided to Participants:

  • Printed Course Material
  • DVD of Course Material
  • Backtrack DVD
  • Printed example practical questions for use during and after the course


Mr. David McGuire is a Senior Security Engineer with Veris Group, LLC where he leads penetration testing and vulnerability assessment efforts for commercial clients and major Federal agencies, including the Department of Justice (DOJ) and the Department of Homeland Security (DHS). He specializes in penetration testing methodologies, tools and techniques and wireless systems security with extensive experience in conducting large scale network vulnerability assessments, penetration tests, web application assessments, wireless vulnerability assessments and red team operations. In addition, he has extensive experience in operational training of team members from various disciplines in computer security, red team and penetration testing methodologies. Previously, David was the senior technical lead at a large Department of Defense (DoD) Red Team, providing mission planning and direction through numerous operations. David has a Bachelor's Degree in Computer Information Technology and is a CREST Certified Infrastructure Tester, GIAC Certified Penetration Tester (GPEN), GIAC Certified Web Application Penetration Tester (GWAPT) and Offensive Security Certified Professional (OSCP).

Jason Frank is a Security Engineer with Veris Group, LLC where he supports multiple Federal agencies developing technical security programs and participating in penetration tests and vulnerability assessments. His specialties include network penetration testing activities, web application assessments and incident response. Through his experiences, Jason developed and deployed enterprise technical training courses and exercises for commercial and government clients. His experiences also include developing and leading multiple teams in classroom and conference Capture-the-Flag events, which challenged participants in areas such as technical knowledge expertise, logic exercises and system defense techniques. Jason holds a Bachelor of Science in Information Science and Technology from the Pennsylvania State University. In addition, Jason is a GIAC certified incident handler (GCIH) and web application penetration tester (GWAPT).
