GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
Target: Security personnel whose job duties involve assessing target networks, systems and applications to find vulnerabilities. The GXPN certifies that candidates have the knowledge, skills, and ability to conduct advanced penetration tests, model the abilities of an advanced attacker to find significant security flaws in systems, and demonstrate the business risk associated with these flaws.
Preparing for the GXPN Exam: Candidates may choose to prepare for the GXPN exam by taking the SANS Training Course: SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking
*No specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.*
- 1 proctored exam
- 75 questions
- Time limit of 3 hours
- Minimum Passing Score of 66%
Certifications must be renewed every 4 years.
NOTE: GIAC exams are NOT given the day after the conference ends.
GIAC certification attempts purchased without SANS training will be activated in your SANS/GIAC account within 24 business hours of purchase. GIAC certification attempts purchased with SANS training will be activated in your SANS/GIAC account 7 days after the end of the conference. In both cases, you will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt. GIAC exams must be proctored through Pearson VUE. GIAC exams are delivered online through a standard web browser.
Bulletin (Part 2 of Candidate Handbook)
Exam Certification Objectives & Outcome Statements
The topic areas for each exam part follow:
- Accessing the Network
  - The candidate will demonstrate an understanding of how to bypass network access control systems.
- Advanced Fuzzing Techniques
  - The candidate will be able to develop custom fuzzing test sequences using the Sulley framework.
- Advanced Stack Smashing
  - The candidate will demonstrate an understanding of how to write advanced stack overflow exploits against canary-protected programs and ASLR.
- Crypto for Pen Testers
  - The candidate will be able to attack and exploit common weaknesses in cryptographic implementations.
- Escaping Restricted Environments
  - The candidate will demonstrate an understanding of restricted environments in Linux and Windows, desktop restriction techniques, as well as tools and techniques for bypassing them.
- Exploiting the Network
  - The candidate will demonstrate an understanding of how to exploit common vulnerabilities in modern networks attacking client systems and common network protocols.
- Fuzzing Introduction and Operation
  - The candidate will demonstrate an understanding of the benefits and practical application of protocol fuzzing to identify flaws in target software systems.
- Introduction to Memory and Dynamic Linux Memory
  - The candidate will demonstrate a basic understanding of x86 processor architecture, Linux memory management, assembly and the linking and loading process.
- Introduction to Windows Exploitation
  - The candidate will demonstrate an understanding of Windows constructs required for exploitation and the most common OS and Compile-Time Controls.
- Manipulating the Network
  - The candidate will demonstrate an understanding of how to manipulate common network systems to gain escalated privileges and the opportunity to exploit systems.
- Network Boot Attacks
  - The candidate will be able to attack and exploit common weaknesses in network boot environments, including DHCP, BOOTP, and PXE.
- Python and Scapy For Pen Testers
  - The candidate will demonstrate an understanding of the ability to read and modify Python scripts and packet crafting using Scapy to enhance functionality as required during a penetration test.
- The candidate will demonstrate the ability to write shellcode on the Linux operating system, and demonstrate an understanding of the Windows shellcode methodology.
- Smashing the Stack
  - The candidate will demonstrate an understanding of how to write basic exploits against stack overflow vulnerabilities.
- Windows Overflows
  - The candidate will demonstrate an understanding of how to exploit Windows vulnerabilities on the stack, and bypass memory protections.
Where to Get Help
Training is available from a variety of resources, including online courses, attendance at a live conference, and self-study.
Practical experience is another way to ensure that you have mastered the skills necessary for certification. Many professionals have the experience to meet the certification objectives identified.
Finally, college-level courses or study through another program may meet the needs for mastery.
The procedure to contest exam results can be found at http://www.giac.org/about/procedures/grievance.