Click to read the GCIH description.
-
- Analyst
- Name
- Practical
- Version
- Score
- Expires
-
-
589
- GOLD - Todd Whitley
- ASLEAP to Exploit Vulnerabilities in Cisco LEAP
- v3.0
- 89
- Jun 30, 2008
-
589
-
-
588
- GOLD - Jeff Pike
- Discovering a Local SUID Exploit
- v3.0
- 97
- Jun 30, 2012
-
588
-
-
587
- GOLD - Lasse Sundstrom
- Local Kernel Vulnerability in mremap(2)
- v3.0
- 95
- Jun 30, 2008
-
587
-
-
586
- GOLD - Fredrick Hartley
- Exploiting Solaris Operating Systems with Hidden Kernel Modules
- v3.0
- 84
- Jun 30, 2008
-
586
-
-
585
- GOLD - Ivars Suba
- SMBRelay: Still Present After 3 Years
- v3.0
- 87
- Jun 30, 2008
-
585
-
-
584
- GOLD - Shannon McNaught
- Hacker Techniques, Exploits and Incident Handling
- v3.0
- 89
- Jun 30, 2008
-
584
-
-
583
- GOLD - Slade Griffin
- Whats the MS04-011?
- v3.0
- 95
- Jun 30, 2008
-
583
-
-
582
- GOLD - Michael Lastor
- Real Network's Remote Server Remote Root Exploit
- v3.0
- 99
- Jun 30, 2012
-
582
-
-
581
- GOLD - Kenneth Dean
- Cracking LDAP User Passwords and Associated Exploits
- v3.0
- 84
- Jun 30, 2008
-
581
-
-
580
- GOLD - James Balcik
- Robbing the Bank with ITS/MHTML Protocol Handler
- v3.0
- 93
- Jun 30, 2012
-
580
-
-
579
- GOLD - Ray Strubinger
- A Buffer Overflow Exploit Against the DameWare Remote Control Software
- v3.0
- 98
- Jun 30, 2012
-
579
-
-
578
- GOLD - Greg Schultz
- Looking for Weak Passwords
- v3.0
- 92
- Jun 30, 2008
-
578
-
-
577
- GOLD - Erik Plaggenmarsch
- Remote Exploit of a Local Vulnerability
- v3.0
- 92
- Jun 30, 2008
-
577
-
-
576
- GOLD - Chip Childers
- SSLSniff and IEs Certification Chain Validation Vulnerability: Decomposing an Insider Threat to a Sensitive Web Application
- v3.0
- 95
- Jun 30, 2008
-
576
-
-
575
- GOLD - Stuart Gross
- Shoveling SHells with a DmeWare Exploit
- v3.0
- 89
- Apr 30, 2008
-
575
-
-
574
- GOLD - Everett Hinckley
- Linux Kernel mremap Vulnerability
- v3.0
- 96
- Apr 30, 2012
-
574
-
-
573
- GOLD - Yehia Fathi
- MS Blaster worm to generate an attack via unauthorized wireless internet access
- v3.0
- 91
- May 31, 2008
-
573
-
-
572
- GOLD - Kurt Hinson
- A Bagel Bites Back: An Analysis of the Bagle/J Worm
- v3.0
- 95
- May 31, 2008
-
572
-
-
571
- GOLD - Holger van Lengerich
- X11 Forwarding of SSH considered harmful
- v3.0
- 92
- May 31, 2008
-
571
-
-
570
- GOLD - Aaron Smith
- Bad ESMTP Verb Usage Equals Bad Times for Exchange
- v3.0
- 97
- May 31, 2012
-
570
-
-
569
- GOLD - Charlotte Sawyer
- SSH and Fuzzy Fingerprints
- v3.0
- 97
- May 31, 2008
-
569
-
-
568
- GOLD - Matthew Goldencrown
- MyDoom is your Dom: An Anlysis of the MyDoom Virus
- v3.0
- 91
- May 31, 2008
-
568
-
-
567
- GOLD - Ken Ramsay
- SMB Shares Worms - A Parasitic Relationship?
- v3.0
- 91
- May 31, 2008
-
567
-
-
566
- GOLD - Michael Harbison
- Out of Bounds Windows Workstation Service
- v3.0
- 83
- May 31, 2008
-
566
-
-
565
- GOLD - Jim Kuiphof
- Author DameWare Mini Remote Control Vulnerability Analysis and Sample Incident Response
- v3.0
- 97
- Apr 30, 2012
-
565
-
-
564
- GOLD - Jon Lucenius
- How Jacks ID was Hijacked by a Cross-Site Scripting (XSS) Attack
- v3.0
- 91
- Apr 30, 2008
-
564
-
-
563
- GOLD - Jim LaValley
- Stay Alert While Browsing the Internet
- v3.0
- 93
- Apr 30, 2012
-
563
-
-
562
- GOLD - Jim Hendrick
- Author Intruder Alert: Why Internal Security must not take a back seat.
- v3.0
- 100
- Apr 30, 2012
-
562
-
-
561
- GOLD - Brian Thomson
- LSADUMP2 - Who Let The Secrets Out?
- v3.0
- 89
- Apr 30, 2008
-
561
-
-
560
- GOLD - Sherman Hung
- Optixpro 1.31 And Netdevil1.5 Trojan Backdoor Expolits
- v3.0
- 93
- Apr 30, 2008
-
560
-
-
549
- GOLD - Alfredo Lopez
- Author Attack on "University" - DCOM RPC vulnerability
- v3.0
- 93
- Apr 30, 2008
-
549
-
-
548
- GOLD - Dean Farrington
- Microsoft RPC-DCOM Buffer Overflow Attack using Dcom.c
- v3.0
- 97
- Apr 30, 2012
-
548
-
-
547
- GOLD - Douglas Ridgeway
- Linksys BEFSR41 Compromise: From Buffer Overflow to Simple URL Manipulation
- v3.0
- 91
- Mar 31, 2008
-
547
-
-
546
- GOLD - Travis West
- Using DWMRCEXP.C to Exploit the DameWare MRC Server Pre-Authentication Buffer Overflow Vulnerability
- v3.0
- 95
- Mar 31, 2008
-
546
-
-
545
- GOLD - Joel Kirch
- Multithreaded, Dictionary-Based, Brute Force Password Attack on Linksys BEFSR41 With Remote Management Enabled Using A Modified THC-Hydra Tool
- v3.0
- 92
- Mar 31, 2012
-
545
-
-
544
- GOLD - Peter Hewitt
- All Your Base Are Belong To Someone Else: An Analysis Of The Windows Messenger Service Buffer Overflow Vulnerability
- v3.0
- 99
- Mar 31, 2012
-
544
-
-
543
- GOLD - Benjamin Corll
- Welchia Worm vs. Policy Makers Fighting Malware with Policy, not with Fire
- v3.0
- 92
- Mar 31, 2012
-
543
-
-
542
- GOLD - Margaret Layton
- The enemy within: Handling the Insider Threat posed by Shatter Attacks
- v3.0
- 93
- Mar 31, 2012
-
542
-
-
541
- GOLD - Steve Pitts
- VPN Aggressive Mode Pre-shared Key Brute Force Attack
- v3.0
- 92
- Mar 31, 2008
-
541
-
-
540
- GOLD - Keith Wilcox
- Exploiting a PHP Include() Vulnerability to gain a remote rootshell
- v3.0
- 81
- Mar 31, 2008
-
540
-
-
539
- GOLD - Timothy Hall
- The Educational Facilitys Network
- v3.0
- 89
- Mar 31, 2012
-
539
-
-
538
- GOLD - Jason Westmacott
- Internet Explorer Self Executing HTML and the Social Engineer
- v3.0
- 93
- Mar 31, 2008
-
538
-
-
537
- GOLD - James Purcell
- Attacking and Defending Microsoft Small Business Server 2003
- v3.0
- 95
- Mar 31, 2008
-
537
-
-
536
- GOLD - David Perez
- Catch the culprit!
- v3.0
- 100
- GSE
-
536
-
-
535
- GOLD - David Bruno
- Macromedia ColdFusion RDS default condition exploit - Honors
- v3.0
- 92
- Mar 31, 2008
-
535
-
-
534
- GOLD - Justin Smith
- Exploiting the ProFTPD Server in a DMZ Environment
- v3.0
- 87
- Mar 31, 2008
-
534
-
-
533
- GOLD - Timothy Grant
- Incident Handling Process: Blaster Worm Exploit
- v3.0
- 95
- Mar 31, 2008
-
533
-
-
532
- GOLD - Ken Rode
- Greymatter Remote Command Execution Vulnerability - Honors
- v3.0
- 95
- Feb 29, 2008
-
532
-
-
531
- GOLD - Dave Shackleford
- The Yin and the Yang: A Sordid Tale of Information Security, OR DCOM, Netcat, and a Live Response, OH MY! - Honors
- v3.0
- 96
- Feb 29, 2008
-
531
-
-
530
- GOLD - Jason Lam
- Attack on GIAC Enterprises Network
- v3.0
- 92
- Feb 29, 2008
-
530
-
-
529
- GOLD - Wai-Kit Ho
- An Attacker On RPC Compromised Remote VPN Host Runs Arbitrary Code on Microsoft Exchange Server 2000
- v3.0
- 84
- Feb 29, 2008
-
529
-
-
528
- GOLD - Zdravko Pribeg
- Oversights Add Up: MySQL Buffer Overflow
- v3.0
- 89
- Feb 29, 2008
-
528
-
-
527
- GOLD - Peter Beckley
- WebDAV Buffer Overflow Vulnerability
- v3.0
- 95
- Feb 29, 2012
-
527
-
-
526
- GOLD - Chris Perst
- ProFTPD ASCII File Transfer Buffer Overflow Vulnerability
- v3.0
- 88
- Feb 29, 2008
-
526
-
-
524
- GOLD - Brad Johnson
- Combating the Nachia Worm in Enterprise Environments
- v3.0
- 88
- Feb 29, 2012
-
524
-
-
523
- GOLD - Stanley Yachera
- GIAC Certified Incident Handling Practical
- v3.0
- 92
- Feb 29, 2012
-
523
-
-
522
- GOLD - Rick Slade
- Skinning a LAN with a Media Player Vulnerability
- v3.0
- 85
- Feb 29, 2008
-
522
-
-
521
- GOLD - Eric Arnoth
- A Study of the o_wks.c Exploit for MS03-049
- v3.0
- 95
- Feb 29, 2012
-
521
-
-
520
- GOLD - Russ Griffith
- Nachi to the Rescue?
- v3.0
- 99
- Jan 31, 2012
-
520
-
-
519
- GOLD - Patti Lawrence
- Exploiting Heap Overflow in Microsoft Messenger Service with msgr07.exe
- v3.0
- 95
- Jan 31, 2008
-
519
-
-
518
- GOLD - Jeff Garrett
- The Microsoft RPC Interface DCOM Buffer Overrun Vulnerability Exploited by the DCOM.C Exploit
- v3.0
- 97
- Jan 31, 2008
-
518
-
-
517
- GOLD - Eugene Bransfield
- The Welchia Worm
- v3.0
- 87
- Jan 31, 2010
-
517
-
-
516
- GOLD - Steve Smith
- Windows Media Services NSIISLOG.DLL Remote Buffer Overflow
- v3.0
- 97
- Jan 31, 2012
-
516
-
-
515
- GOLD - Kris Vangeneugden
- OpenBSD Privilege Escalation
- v3.0
- 96
- Jan 31, 2008
-
515
-
-
514
- GOLD - Stephen Hall
- When Script-kiddies become the target, as well as the menace: A variant of the WU-FTPD File Globbing Heap Corruption Vulnerability
- v3.0
- 99
- Jan 31, 2012
-
514
-
-
513
- GOLD - Don Murdoch
- Session stealing with WebMin
- v3.0
- 96
- Jan 31, 2012
-
513
-
-
512
- GOLD - T. Brian Granier
- Netcat is your friend
- v3.0
- 92
- Sep 30, 2011
-
512
-
-
511
- GOLD - Gary Dziak
- Cisco VPN Client Privilege Escalation Vulnerability
- v2.1a
- 87
- Dec 31, 2011
-
511
-
-
510
- GOLD - Reid Stephan
- Swen: The Worm with Social Engineering Aspirations
- v3.0
- 87
- Dec 31, 2007
-
510
-
-
509
- GOLD - Christanya Gordon
- Advanced Incident Handling and Hacker Exploits
- v2.1a
- 81
- Dec 31, 2007
-
509
-
-
508
- GOLD - Denis Brooker
- Hacker Techniques, Exploits, and Incident Handling
- v3.0
- 95
- Dec 31, 2011
-
508
-
-
507
- GOLD - Dan Gilbert
- The One Packet Wonder:HD Moore's rootdown.pl
- v3.0
- 88
- Dec 31, 2007
-
507
-
-
506
- GOLD - Mike Mahurin
- The Tactical Use of Rainbow Crack to Exploit Windows Authentication in a Hybrid Physical-Electronic Attack
- v3.0
- 100
- Dec 31, 2011
-
506
-
-
505
- GOLD - Jason Kelly
- Pass
- v2.1a
- 93
- Nov 30, 2007
-
505
-
-
504
- GOLD - Linda Bourbeau
- RPC Overflow Vulnerability - Examining the Nachi Exploit
- v2.1a
- 91
- Nov 30, 2007
-
504
-
-
503
- GOLD - Brian Porter
- RPC-DCOM Vulnerability & Exploit
- v2.1a
- 96
- Nov 30, 2011
-
503
-
-
502
- GOLD - Shaheem Motlekar
- Red Team Assessment of a GIAC Enterprises Security Design
- v2.1a
- 81
- Nov 30, 2007
-
502
-
-
501
- GOLD - Karmendra Kohli
- My First Incident Handling Experience
- v2.1a
- 99
- Nov 30, 2011
-
501
-
-
500
- GOLD - Charles Hamby
- Breaking Windows 2000 Passwords via LDAP Password Crackers
- v2.1a
- 100
- Nov 30, 2011
-
500
-
-
499
- GOLD - Brandon Young
- WebDAV: The new nemesis of IIS Administrators
- v2.1a
- 97
- Oct 31, 2007
-
499
-
-
498
- GOLD - Jim Sproule
- Support for the Cyber Defence Initiative: SNMP - Hiding in Plain Sight
- v2.1a
- 95
- Oct 31, 2007
-
498
-
-
497
- GOLD - David Hefley
- UDP Port 1434 - Services, Vulnerabilities and Exploits
- v2.1a
- 97
- Oct 31, 2011
-
497
-
-
496
- GOLD - Sangita Pakala
- Penetration Testing of a Secure Network
- v2.1a
- 99
- Oct 31, 2011
-
496
-
-
495
- GOLD - Richard Hayler
- RPC/DCOM vulnerability exploited via a wireless network.
- v2.1a
- 95
- Oct 31, 2007
-
495
-
-
494
- GOLD - Nicholas Garner
- Honeypots for Incident Handling Education
- v2.1a
- 91
- Oct 31, 2007
-
494
-
-
493
- GOLD - Wayne Freeman
- An Analysis of the Microsoft RPC/DCOM Vulnerability
- v2.1a
- 93
- Oct 31, 2007
-
493
-
-
492
- GOLD - Heather Larrieu
- A J0k3r Takes Over
- v2.1a
- 96
- Oct 31, 2007
-
492
-
-
491
- GOLD - Rich Barger
- The Blind Leading The Blind - Sadmind/IIS Worm
- v2.1a
- 92
- Oct 31, 2011
-
491
-
-
490
- GOLD - Matthew Carver
- *Pass
- v2.1a
- 89
- Oct 31, 2007
-
490
-
-
489
- GOLD - John Van Hoogstraten
- Blasting Windows: An Analysis of the W32/Blaster Worm
- v2.1a
- 99
- Oct 31, 2011
-
489
-
-
488
- GOLD - Sonali Gupta
- Red Team Assessment Of a GCFW Practical Network Design
- v2.1a
- 100
- Oct 31, 2011
-
488
-
-
487
- GOLD - Raul Siles
- Real World ARP Spoofing
- v2.1a
- 95
- GSE
-
487
-
-
486
- GOLD - Jon Zerden
- Using Social Engineering and Sniffing Techniques To Change An Employees Salary - A True Story
- v2.1a
- 93
- Oct 31, 2007
-
486
-
-
485
- GOLD - William Tucek
- Exploit in Action: Lovgate - Lessons Learned From The Lovgate Worm
- v2.1a
- 84
- Oct 31, 2007
-
485
-
-
484
- GOLD - Byron Darrah
- Exploiting Sambas SMBTrans2 Vulnerability
- v2.1a
- 97
- Oct 31, 2011
-
484
-
-
483
- GOLD - Derek Pence
- Lovgate and the Enterprise
- v2.1a
- 89
- Oct 31, 2007
-
483
-
-
482
- GOLD - Ty Kirk
- Line Me Up Port 80: Apache Linefeed Denial of Service Attack
- v2.1a
- 91
- Oct 31, 2007
-
482
-
-
481
- GOLD - John Ives
- A Weak Password And A Windows Rootkit: A Recipe For Trouble
- v2.1a
- 98
- Feb 28, 2013
-
481
-
-
480
- GOLD - David Bianco
- Tracking Butthead: An Encounter With an SSL Script Kiddie
- v2.1a
- 99
- Oct 31, 2011
-
480
Some practicals are purposely not linked so as not to prematurely disclose answers to those still completing the assignment.
bold text denotes Honors received on the practical
