GPEN GIAC Certified Penetration Tester All-in-One Exam Guide
- 7h 51m
- Bill MacCormack, Ray Nutting
This effective study guide provides 100% coverage of every topic on the GPEN GIAC Penetration Tester exam
This effective self-study guide fully prepares you for the Global Information Assurance Certification’s challenging Penetration Tester exam, which validates advanced IT security skills. The book features exam-focused coverage of penetration testing methodologies, legal issues, and best practices. GPEN GIAC Certified Penetration Tester All-in-One Exam Guide contains useful tips and tricks, real-world examples, and case studies drawn from authors’ extensive experience. Beyond exam preparation, the book also serves as a valuable on-the-job reference.
Covers every topic on the exam, including:
- Pre-engagement and planning activities
- Reconnaissance and open source intelligence gathering
- Scanning, enumerating targets, and identifying vulnerabilities
- Exploiting targets and privilege escalation
- Password attacks
- Post-exploitation activities, including data exfiltration and pivoting
- PowerShell for penetration testing
- Web application injection attacks
- Tools of the trade: Metasploit, proxies, and more
About the Authors
Raymond Nutting, CompTIA PenTest+™, CISSP-ISSEP, is a published author and security practitioner with over 20 years of experience in the field of information security. He is the co-owner and founder of nDepth Security, a managed security service provider that specializes in penetration testing. Ray holds numerous industry-recognized certifications and has presented at various conferences and events throughout his career.
William MacCormack, GPEN, GSE, is a reformed systems administrator who has worked in IT for over 15 years and is currently a penetration tester for a small cybersecurity firm located in Columbia, MD. He currently teaches penetration testing at a local community college and in his free time mentors high school students beginning their cybersecurity education.
In this Book
Planning and Preparation
Persistence, Privilege Escalation, and Evasion
Discovery and Lateral Movement
Data Collection and Exfiltration
Writing and Communicating the Pentest Report