SANS Pen Test Poster: Pivots & Payloads Board Game

We are excited to introduce to you the new SANS Penetration Testing Educational Poster, “Pivots & Payloads Board Game”! It is a poster and a board game. How is it a board game? You can lay it down on a table, cut out the game pieces and game modifiers, use a die to move your piece around the board, and play with your friends, colleagues, and/or family.

The board game takes you through pen test methodology, tactics, and tools with many possible setbacks that defenders can utilize to hinder forward progress for a pen tester or attacker. The game helps you learn while you play. It’s also a great way to showcase to others what pen testers do and how they do it.

We have made the poster/board game available to download, with additional downloads of the cheat sheets, game pieces, and game modifiers. We will add additional content to this blog page as we continue to evolve the board game and improve on it in future versions.

Download PDF of Pivots & Payloads:

http://blogs.sans.org/pen-testing/files/2018/11/PEN-PR-BGP_v1_1018_WEB_11052018.pdf

Additional Pivots & Payloads:

Desktop Wallpaper

PEN-PR-BGP_v1_1018_wallaperV1

PEN-PR-BGP_v1_1018_wallaperV2

Game Pieces – Print PDF

Pieces

Cheat Sheets – Print PDF

HashCat

Recon

NetCat

Upcoming SANS Special Event – 2018 Holiday Hack Challenge

KringleCon

SANS Holiday Hack Challenge – KringleCon 2018

  • Free SANS Online Capture-the-Flag Challenge
  • Our annual gift to the entire Information Security Industry
  • Designed for novice to advanced InfoSec professionals
  • Fun for the whole family!!
  • Build and hone your skills in a fun and festive role-playing-style video game, by the makers of SANS NetWars
  • Learn more: www.kringlecon.com
  • Play previous versions for free 24/7/365: www.holidayhackchallenge.com

Player Feedback!

  • “On to level 4 of the #holidayhackchallenge. Thanks again @edskoudis / @SANSPenTest team.” – @mikehodges
  • “#SANSHolidayHack Confession – I have never used python or scapy before. I got started with both today because of this game! Yay!” – @tww2b
  • “Happiness is watching my 12 yo meet @edskoudis at the end of #SANSHolidayHack quest. Now the gnomes #ProudHackerPapa” – @dnlongen

SANS Cheat Sheet: Python 3

by: Mark Baggett

Python 2 – The end of the world as we know it.

It will happen. In the year 2020 an event will occur that will alter the course of information security forever. What is this apocalyptic event? The end of life for Python 2. Is it that big of a deal? Meh. I’m just being dramatic. As of 2020 they will stop releasing updates and patches to Python 2. But Python 2 isn’t going anywhere. If history has taught us lessons about what happens to unsupported software, then we will continue to see it running critical infrastructure and hospital equipment for many years to come. Those programs that run in Python 2 interpreters today will continue to run in Python 2 interpreters well after 2020. Sadly, today some organizations are still running old Python 2.5 interpreters despite the fact that it is now 13 years old and has serious security issues. It’s pretty safe to say that we will continue to see Python 2 for the foreseeable future.

That said, I think it is a little short-sighted to continue to develop new tools and automation in Python 2 today. Today you should definitely be developing new code that works in Python 3. Any new tools you purchase and plan to use for more than a year should run in Python 3. You should also weigh the risk of running an old Python 2 interpreter that may have unpatched security vulnerabilities once it is no longer supported against the cost of updating your code to work with a supported interpreter. As you look to the future, you should do so with Python 3 in your sights.

The SANS SEC573: Automating Information Security with Python course and the associated GPYC certification ride the Python 2/Python 3 fence along with the rest of the industry. The course teaches you to build new tools for the automation of common defensive, forensics, and offensive tasks in Python 3. Developing new tools in Python 3 will set you up for success moving forward. We also cover what you need to know to convert your existing Python 2 code to Python 3. If you need to continue to use Python 2, we will teach you how to write code that is forward compatible with Python 3 so you are ready to switch when you are eventually forced to. In my opinion it isn’t really a choice between Python 2 and Python 3. The answer is both. We will be supporting both versions for a while. In celebration of that fact, here are the SEC573 Python 2 and Python 3 cheat sheets, available for you to download and print! Enjoy!

DOWNLOAD – Python 2.7 Cheat Sheet

Python2_7

DOWNLOAD – Python 3 Cheat Sheet

Python3
SANS Cheat Sheet: Netcat

by SANS Pen Test Team

We are adding another SANS Cheat Sheet to our arsenal of information security/penetration testing cheat sheets available here at the SANS Pen Test Blog. If you would like additional cheat sheets, click on the “cheatsheet” category or see below to find them all.

This cheat sheet is from our SANS SEC560: Network Penetration Testing and Ethical Hacking course, authored by SANS Fellow, Ed Skoudis. To learn Netcat in-depth along with many other tools, methods, and techniques of penetration testing, please consider taking our core pen testing course, SEC560.

What is Netcat? From Wikipedia:

Netcat (often abbreviated to nc) is a computer networking utility for reading from and writing to network connections using TCP or UDP. Netcat is designed to be a dependable back-end that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and investigation tool, since it can produce almost any kind of connection its user could need and has a number of built-in capabilities.

Download PDF: netcat-cheat-sheet

Other Netcat Resources:

Bash’s Built-in Netcat Client

Netcat without -e? No problem!

So You Wanna Be a Pen Tester? 3 Paths To Consider (Updated)

Tips for Entering the Penetration Testing Field

By Ed Skoudis

It’s an exciting time to be a professional penetration tester. As malicious computer attackers amp up the number and magnitude of their breaches, the information security industry needs an enormous amount of help in proactively finding and resolving vulnerabilities. Penetration testers who are able to identify flaws, understand them, and demonstrate their business impact through careful exploitation are an important piece of the defensive puzzle.

In the courses I teach on penetration testing, I’m frequently asked about how someone can land their first job in the field after they’ve acquired the appropriate technical skills and gained a good understanding of methodologies. Also, over the past decade, I’ve counseled a lot of my friends and acquaintances as they’ve moved into various penetration testing jobs. Although there are many different paths to pen test nirvana, let’s zoom into three of the most promising. It’s worth noting that these three paths aren’t mutually exclusive either. I know many people who started on the first path, jumped to the second mid-way, and later found themselves on path #3. Or, you can jumble them up in arbitrary order.

Path A: General Enterprise Security Practitioner Moving to Penetration Testing

First, you could parlay a job in the security group of an enterprise (whether a corporate, government, or educational position) into vulnerability assessment and then penetration testing. For example, today, you may be a security auditor, administrator, analyst, or a member of a Security Operations Center (SOC) team. Tell your management that you are keenly interested in vulnerability assessment and penetration testing, and offer your support in existing projects associated with those tasks. You might have to start by taking one for the team and putting in your own hours to help out, without getting a break from your “regular” job. Consider this extra time an investment in yourself. At first, you could help with tasks such as project scoping, false positive reduction, and remediation verification. Later, offer help in preparing a high-quality penetration testing report. Over the space of several months or even a year, you’ll demonstrate increasing skills and can ask management or other groups in your enterprise for a move more directly into the heart of penetration testing work.

Path B: Working for a Company or Division that Focuses on Penetration Testing

There are many companies that provide third-party penetration testing services to other companies, including organizations such as Verizon, Trustwave, and FishNet Security. Many of these organizations are looking to hire exceptional penetration testers, especially those who have experience. If you have no direct penetration testing experience, you may still want to try your hand by applying for a junior role in such organizations. A solid background in secure networking, development, or operations will prove helpful. But, if experience is absolutely required, consider moving through Paths A or C to hone your skills before jumping to Path B.

Path C: Going Out on Your Own

If you are more entrepreneurially minded, you may want to consider forming your own small company on the side to do vulnerability assessment for local small businesses, such as a local florist or auto mechanic. Start with just vulnerability assessment services, and build your skills there before going into full-blown penetration testing. There are a couple of huge caveats to take into account with this path, though. First off, make sure you get a good draft contract and statement of work template drawn up by a lawyer to limit your liability. Next, get some liability and errors & omissions insurance for penetration testing. Such protection could cost a few thousand dollars annually, but is vital in doing this kind of work. Once you’ve built your vulnerability assessment capabilities, you may want to gradually start looking at carefully exploiting discovered flaws (when explicitly allowed in your Statements of Work) to move from vulnerability assessment to penetration testing. After your small business is humming, you may decide to stick with this path, growing your business, or jump into Paths A or B.

Regardless of whether you go down paths A, B, C, or your own unique approach to entering the penetration testing industry, always keep in mind that your reputation and trustworthiness are paramount in the information security field. Your name is your personal brand, so work hard, be honest, and always maintain your integrity. Additionally, build yourself a lab of four or five virtual machines so you can practice your technical skills regularly, running scanners, exploitation tools, and sniffers so you can understand your craft at a fine-grained level. Learn a scripting language such as Python or Ruby so you can start automating various aspects of your tasks and even extend the capabilities of tools such as the Metasploit framework. And, most of all, give back to the community by writing a blog, sharing your ideas and techniques, and releasing scripts and tools you’ve created. You see, to excel in pen testing, you can’t think of it as a job. It is a way of life. Building a sterling reputation and contributing to others is not only beneficial to the community, but it will provide many direct and indirect benefits to you as you move down your path from new penetration tester to seasoned professional.

Additional SANS Penetration Testing Resources

Watch: WEBCAST – So, You Wanna Be a Pen Tester?

Available Now!
Recorded: 6/19/2018
https://www.sans.org/webcasts/so-wanna-pen-tester-3-paths-106920

–Ed.

https://twitter.com/edskoudis


SANS Pen Test Cheat Sheet: Metasploit

For the longest time we haven’t had a proper blog post for our Metasploit Cheat Sheet. This is one of our most popular cheat sheets. It was created by Ed Skoudis and his team.

When we attend BSides and conferences like DerbyCon and ShmooCon we bring a ton of printed copies with us and give them out at the booth and attendees always grab a bunch for themselves and for friends back at the office. But, in case you can’t make it to a local conference we are sponsoring, we’re making it available online for you to download, print, and share.

Did you know that we teach Metasploit in our core SANS Pen Testing Course, SEC560: Network Penetration Testing and Ethical Hacking and in our newly revised and updated 2-day hands-on SEC580: Metasploit Kung Fu for Enterprise Pen Testing?

Oh… we just made something that we think is pretty nifty. Here is a desktop wallpaper, in multiple sizes, based on the Metasploit Cheat Sheet for you to download and use.

(Click on the image for full-sized version to download)

Metasploit_1280x1024
Metasploit_1920x1080
Metasploit_5120x2880

Download the 2-Page, PDF, Printable Version of Metasploit Cheat Sheet

Download: MetasploitCheatsheet2.0

SANS Penetration Testing: Command Line Kung-Fu – Desktop Wallpapers

SANS Pen Test: Command Line Kung-Fu

Desktop Wallpapers

So… we made our new SANS Pen Test Poster, “White Board of Awesome Command Line Kung-Fu,” and posted it on Twitter for some initial feedback. Someone asked us if we could turn it into a desktop wallpaper, and we thought, “that’s a really cool idea!”

But when we created it, everything on it was too small; although it looked cool, it wasn’t functional. So we thought, what if we broke it up into individual pieces? “Eureka!” we exclaimed as we contacted our graphic designer with a new request.

Now… “BEHOLD!”

Introducing the first of many SANS Pen Test Curriculum Desktop Wallpapers!

(Click on the image for the full-sized version)

BASH_1280x1024
BASH_1920x1080
BASH_5120x2880
Powershell_1280x1024
Powershell_1920x1080
Powershell_5120x2880
Python_1280x1024
Python_1920x1080
Python_5120x2880

Comment below if you have ideas for future SANS Penetration Testing Curriculum Desktop Wallpapers we should make.

Thanks!

SANS Pen Test Cheat Sheet: Python – pyWars (SEC573)

by: Mark Baggett

Python skills are incredibly useful for all kinds of information security personnel, from pen testers to cyber defenders to forensics pros. With so many tools written in Python and so many Python libraries to work magic in just a few lines of code, I wrote a course (SANS SEC573) on how to get the most out of this handy language.

But, in 2012 I faced a challenge.

I had created a software platform for delivering SEC573’s Python-based labs to students, called pyWars, and I needed to test that server under load before I used it in a classroom environment. I had already run fuzzers and traffic generators against the server, but nothing quite matches the testing that is done by a human. I know this to be true because we succeed as penetration testers despite the availability of high-quality vulnerability scanners! I decided to hold a SANS@Night session where I would issue an open invitation to students at the conference to come and try out the new SEC573 labs. One of the immutable rules of information security is this: if you invite people to come hack stuff and give them free beer, then people will come. So that is what we did.

But what about people who don’t know Python?!

I can’t expect people to really test my labs when I haven’t taught them any Python. So, I boiled down the bare essentials into a 1-hour introduction I could present to get people going on the labs. I would present the material, and if everyone remembered EVERYTHING I said, they could complete the labs. But none of us remember everything. I needed a condensed version of the essential Python skills required to perform the common tasks covered in the courseware that I could hand out. Thus the SEC573 Python 2.7 cheat sheet was born.

This cheat sheet is specific to version 2.7 and it covers the bare essentials of coding in Python. It is intended to help you quickly find the proper syntax of commonly used Python commands. Whether you are going to take the new GPYC (GIAC Python Coder) Certification or just want to knock out a program without pulling out your reference manuals, I hope that you will find the cheat sheet useful.

Download: Python Cheat Sheet – 2pg PDF

Learn more about GIAC’s *new* Python Coder Certification (GPYC).

Mark Baggett
SANS Instructor
Course Author – SEC573

SANS Online Training:

All SANS Online Training courses include:

  • Convenience and Flexibility
  • Subject-Matter Expert Support
  • Anytime, Anywhere access for four or more months
  • Save costs and time – no travel necessary

Test Drive any of 30 SANS courses today at www.sans.org/demo

“I love the material, I love the SANS Online delivery, and I want the entire industry to take these courses.” – Nick Sewell, IIT

SANS Pen Test Cheat Sheet: PowerShell

by Ed Skoudis

PowerShell really is amazing, and comes in handy for all kinds of infosec tasks, from defense to analysis to offense. In my SANS Security 560 course, we cover PowerShell as a post-exploitation language, with all kinds of nifty tips and tricks for using it. When I teach the class, though, I notice that many students are fairly new to PowerShell’s awesomeness.

To help people build their PowerShell skills, Phil Smith and I created this PowerShell cheat sheet (with some great input from Tim Medin and Jeff McJunkin too), containing some of the essential items needed to use PowerShell effectively. In essence, this cheat sheet is what I wish I had when I started learning PowerShell. I hope you enjoy it, especially the 5 PowerShell Essentials section!

Download it by clicking this link: PowerShellCheatSheet_v4

Have fun PowerShell’ing.  :)

–Ed.


SANS Pen Test Cheat Sheet: Nmap v1.1

Whenever we attend information security conferences like DerbyCon, ShmooCon, or any of the many BSides we support, we always take SANS Pen Test Cheat Sheets with us and everyone that comes by the booth takes a few for themselves and their colleagues back at the office.

So… we have made them available for you to download, print, and share with others.

Ed Skoudis and the fine folks at Counter Hack have put together a nifty Nmap cheat sheet covering some of the most useful options of everyone’s favorite general-purpose port scanner, Nmap.  And, with its scripting engine, Nmap can do all kinds of wonderful things for security professionals.

Please check out the updated cheat sheet below.  Even if you are an experienced attacker, it might cover a tip or trick that’s new and useful to you.

2-Page, Printable, PDF: NmapCheatSheetv1.1

Oh… we just made something that we think is pretty helpful. Here are desktop wallpapers, in multiple sizes, based on the Nmap Cheat Sheet for you to download and use.

(Click on the image for full-sized version to download)

NMap_1280x1024
NMap_1920x1080
NMap_5120x2880

Learn how to use Nmap and penetration testing methods, techniques, and tools in SANS SEC560: Network Penetration Testing and Ethical Hacking.

–Ed Skoudis.

SANS Fellow
Counter Hack Challenges Founder
