Click to read the GCIH description.
-
- Analyst
- Name
- Practical
- Version
- Exams
- Recert
- Expires
-
-
589
- GOLD - Todd Whitley
- ASLEAP to Exploit Vulnerabilities in Cisco LEAP
- v3.0
- 89 , 88
- --
- Expired
-
589
-
-
588
- GOLD - Jeff Pike
- Discovering a Local SUID Exploit
- v3.0
- 96 , 95
- 97
- Jun 30, 2012
-
588
-
-
587
- GOLD - Lasse Sundstrom
- Local Kernel Vulnerability in mremap(2)
- v3.0
- 93 , 95
- --
- Expired
-
587
-
-
586
- GOLD - Fredrick Hartley
- Exploiting Solaris Operating Systems with Hidden Kernel Modules
- v3.0
- 81 , 84
- --
- Expired
-
586
-
-
585
- GOLD - Ivars Suba
- SMBRelay: Still Present After 3 Years
- v3.0
- 84 , 87
- --
- Expired
-
585
-
-
584
- GOLD - Shannon McNaught
- Hacker Techniques, Exploits and Incident Handling
- v3.0
- 89 , 84
- --
- Expired
-
584
-
-
583
- GOLD - Slade Griffin
- Whats the MS04-011?
- v3.0
- 95 , 87
- --
- Expired
-
583
-
-
582
- GOLD - Michael Lastor
- Real Network's Remote Server Remote Root Exploit
- v3.0
- 93 , 92
- 99, 96
- Jun 30, 2012
-
582
-
-
581
- GOLD - Kenneth Dean
- Cracking LDAP User Passwords and Associated Exploits
- v3.0
- 84 , 81
- --
- Expired
-
581
-
-
580
- GOLD - James Balcik
- Robbing the Bank with ITS/MHTML Protocol Handler
- v3.0
- 93 , 92
- 89, 93
- Jun 30, 2012
-
580
-
-
579
- GOLD - Ray Strubinger
- A Buffer Overflow Exploit Against the DameWare Remote Control Software
- v3.0
- 97 , 89
- 98
- Jun 30, 2012
-
579
-
-
578
- GOLD - Greg Schultz
- Looking for Weak Passwords
- v3.0
- 84 , 92
- --
- Expired
-
578
-
-
577
- GOLD - Erik Plaggenmarsch
- Remote Exploit of a Local Vulnerability
- v3.0
- 84 , 92
- --
- Expired
-
577
-
-
576
- GOLD - Chip Childers
- SSLSniff and IEs Certification Chain Validation Vulnerability: Decomposing an Insider Threat to a Sensitive Web Application
- v3.0
- 90 , 95
- --
- Expired
-
576
-
-
575
- GOLD - Stuart Gross
- Shoveling SHells with a DmeWare Exploit
- v3.0
- 88 , 89
- --
- Expired
-
575
-
-
574
- GOLD - Everett Hinckley
- Linux Kernel mremap Vulnerability
- v3.0
- 95 , 89
- 96, 93
- Apr 30, 2012
-
574
-
-
573
- GOLD - Yehia Fathi
- MS Blaster worm to generate an attack via unauthorized wireless internet access
- v3.0
- 81 , 91
- --
- Expired
-
573
-
-
572
- GOLD - Kurt Hinson
- A Bagel Bites Back: An Analysis of the Bagle/J Worm
- v3.0
- 95 , 89
- --
- Expired
-
572
-
-
571
- GOLD - Holger van Lengerich
- X11 Forwarding of SSH considered harmful
- v3.0
- 92 , 88
- --
- Expired
-
571
-
-
570
- GOLD - Aaron Smith
- Bad ESMTP Verb Usage Equals Bad Times for Exchange
- v3.0
- 92 , 91
- 97
- May 31, 2012
-
570
-
-
569
- GOLD - Charlotte Sawyer
- SSH and Fuzzy Fingerprints
- v3.0
- 97 , 88
- --
- Expired
-
569
-
-
568
- GOLD - Matthew Goldencrown
- MyDoom is your Dom: An Anlysis of the MyDoom Virus
- v3.0
- 88 , 91
- --
- Expired
-
568
-
-
567
- GOLD - Ken Ramsay
- SMB Shares Worms - A Parasitic Relationship?
- v3.0
- 85 , 91
- --
- Expired
-
567
-
-
566
- GOLD - Michael Harbison
- Out of Bounds Windows Workstation Service
- v3.0
- 83 , 72
- --
- Expired
-
566
-
-
565
- GOLD - Jim Kuiphof
- Author DameWare Mini Remote Control Vulnerability Analysis and Sample Incident Response
- v3.0
- 91 , 85
- 97, 96
- Apr 30, 2012
-
565
-
-
564
- GOLD - Jon Lucenius
- How Jacks ID was Hijacked by a Cross-Site Scripting (XSS) Attack
- v3.0
- 91 , 88
- --
- Expired
-
564
-
-
563
- GOLD - Jim LaValley
- Stay Alert While Browsing the Internet
- v3.0
- 89 , 85
- 93
- Apr 30, 2012
-
563
-
-
562
- GOLD - Jim Hendrick
- Author Intruder Alert: Why Internal Security must not take a back seat.
- v3.0
- 97 , 96
- 100, 100
- Apr 30, 2012
-
562
-
-
561
- GOLD - Brian Thomson
- LSADUMP2 - Who Let The Secrets Out?
- v3.0
- 87 , 89
- --
- Expired
-
561
-
-
560
- GOLD - Sherman Hung
- Optixpro 1.31 And Netdevil1.5 Trojan Backdoor Expolits
- v3.0
- 93 , 89
- --
- Expired
-
560
-
-
549
- GOLD - Alfredo Lopez
- Author Attack on "University" - DCOM RPC vulnerability
- v3.0
- 75 , 93
- --
- Expired
-
549
-
-
548
- GOLD - Dean Farrington
- Microsoft RPC-DCOM Buffer Overflow Attack using Dcom.c
- v3.0
- 96 , 91
- 97, 92
- Apr 30, 2012
-
548
-
-
547
- GOLD - Douglas Ridgeway
- Linksys BEFSR41 Compromise: From Buffer Overflow to Simple URL Manipulation
- v3.0
- 91 , 85
- --
- Expired
-
547
-
-
546
- GOLD - Travis West
- Using DWMRCEXP.C to Exploit the DameWare MRC Server Pre-Authentication Buffer Overflow Vulnerability
- v3.0
- 95 , 91
- --
- Expired
-
546
-
-
545
- GOLD - Joel Kirch
- Multithreaded, Dictionary-Based, Brute Force Password Attack on Linksys BEFSR41 With Remote Management Enabled Using A Modified THC-Hydra Tool
- v3.0
- 92 , 87
- --
- Expired
-
545
-
-
544
- GOLD - Peter Hewitt
- All Your Base Are Belong To Someone Else: An Analysis Of The Windows Messenger Service Buffer Overflow Vulnerability
- v3.0
- 99 , 93
- --
- Expired
-
544
-
-
543
- GOLD - Benjamin Corll
- Welchia Worm vs. Policy Makers Fighting Malware with Policy, not with Fire
- v3.0
- 87 , 88
- --
- Expired
-
543
-
-
542
- GOLD - Margaret Layton
- The enemy within: Handling the Insider Threat posed by Shatter Attacks
- v3.0
- 92 , 77
- 93, 88
- Mar 31, 2012
-
542
-
-
541
- GOLD - Steve Pitts
- VPN Aggressive Mode Pre-shared Key Brute Force Attack
- v3.0
- 87 , 92
- --
- Expired
-
541
-
-
540
- GOLD - Keith Wilcox
- Exploiting a PHP Include() Vulnerability to gain a remote rootshell
- v3.0
- 81 , 72
- --
- Expired
-
540
-
-
539
- GOLD - Timothy Hall
- The Educational Facilitys Network
- v3.0
- 83 , 75
- --
- Expired
-
539
-
-
538
- GOLD - Jason Westmacott
- Internet Explorer Self Executing HTML and the Social Engineer
- v3.0
- 93 , 92
- --
- Expired
-
538
-
-
537
- GOLD - James Purcell
- Attacking and Defending Microsoft Small Business Server 2003
- v3.0
- 95 , 92
- --
- Expired
-
537
-
-
536
- GOLD - David Perez
- Catch the culprit!
- v3.0
- 100 , 95
- --
- GSE
-
536
-
535
- GOLD - David Bruno
- Macromedia ColdFusion RDS default condition exploit - Honors
- v3.0
- 92 , 85
- --
- Expired
-
534
- GOLD - Justin Smith
- Exploiting the ProFTPD Server in a DMZ Environment
- v3.0
- 87 , 87
- --
- Expired
-
533
- GOLD - Timothy Grant
- Incident Handling Process: Blaster Worm Exploit
- v3.0
- 95 , 81
- --
- Expired
-
532
- GOLD - Ken Rode
- Greymatter Remote Command Execution Vulnerability - Honors
- v3.0
- 93 , 95
- --
- Expired
-
531
- GOLD - Dave Shackleford
- The Yin and the Yang: A Sordid Tale of Information Security, OR DCOM, Netcat, and a Live Response, OH MY! - Honors
- v3.0
- 96 , 92
- --
- Expired
-
530
- GOLD - Jason Lam
- Attack on GIAC Enterprises Network
- v3.0
- 92 , 92
- --
- Expired
-
529
- GOLD - Wai-Kit Ho
- An Attacker On RPC Compromised Remote VPN Host Runs Arbitrary Code on Microsoft Exchange Server 2000
- v3.0
- 83 , 84
- --
- Expired
-
528
- GOLD - Zdravko Pribeg
- Oversights Add Up: MySQL Buffer Overflow
- v3.0
- 89 , 89
- --
- Expired
-
527
- GOLD - Peter Beckley
- WebDAV Buffer Overflow Vulnerability
- v3.0
- 81 , 92
- 95, 93
- Feb 29, 2012
-
526
- GOLD - Chris Perst
- ProFTPD ASCII File Transfer Buffer Overflow Vulnerability
- v3.0
- 88 , 88
- --
- Expired
-
525
- GOLD - Paul Wright
- How to stop someone exploiting the do_brk () vulnerability of the Linux Kernel to gain root and then steal your Intellectual Property.
- v3.0
- 93 , 93
- --
- GSM
-
524
- GOLD - Brad Johnson
- Combating the Nachia Worm in Enterprise Environments
- v3.0
- 88 , 87
- 75
- Feb 29, 2012
-
523
- GOLD - Stanley Yachera
- GIAC Certified Incident Handling Practical
- v3.0
- 92 , 89
- 91
- Feb 29, 2012
-
522
- GOLD - Rick Slade
- Skinning a LAN with a Media Player Vulnerability
- v3.0
- 85 , 77
- --
- Expired
-
521
- GOLD - Eric Arnoth
- A Study of the o_wks.c Exploit for MS03-049
- v3.0
- 91 , 95
- 92, 92
- Feb 29, 2012
-
520
- GOLD - Russ Griffith
- Nachi to the Rescue?
- v3.0
- 95 , 89
- 93, 99
- Jan 31, 2012
-
519
- GOLD - Patti Lawrence
- Exploiting Heap Overflow in Microsoft Messenger Service with msgr07.exe
- v3.0
- 95 , 92
- --
- Expired
-
518
- GOLD - Jeff Garrett
- The Microsoft RPC Interface DCOM Buffer Overrun Vulnerability Exploited by the DCOM.C Exploit
- v3.0
- 97 , 83
- --
- Expired
-
517
- GOLD - Eugene Bransfield
- The Welchia Worm
- v3.0
- 77 , 87
- 86
- Jan 31, 2010
-
516
- GOLD - Steve Smith
- Windows Media Services NSIISLOG.DLL Remote Buffer Overflow
- v3.0
- 92 , 85
- 97, 96
- Jan 31, 2012
-
515
- GOLD - Kris Vangeneugden
- OpenBSD Privilege Escalation
- v3.0
- 92 , 96
- --
- Expired
-
514
- GOLD - Stephen Hall
- When Script-kiddies become the target, as well as the menace: A variant of the WU-FTPD File Globbing Heap Corruption Vulnerability
- v3.0
- 84 , 87
- 99, 99
- Jan 31, 2012
-
513
- GOLD - Don Murdoch
- Session stealing with WebMin
- v3.0
- 95 , 96
- 95, 89
- Jan 31, 2012
-
512
- GOLD - T. Brian Granier
- Netcat is your friend
- v3.0
- 92 , 80
- --
- Sep 30, 2011
-
511
- GOLD - Gary Dziak
- Cisco VPN Client Privilege Escalation Vulnerability
- v2.1a
- 87 , 83
- 83, 85
- Dec 31, 2011
-
510
- GOLD - Reid Stephan
- Swen: The Worm with Social Engineering Aspirations
- v3.0
- 87 , 83
- --
- Expired
-
509
- GOLD - Christanya Gordon
- Advanced Incident Handling and Hacker Exploits
- v2.1a
- 81 , 80
- --
- Expired
-
508
- GOLD - Denis Brooker
- Hacker Techniques, Exploits, and Incident Handling
- v3.0
- 95 , 93
- 89, 84
- Dec 31, 2011
-
507
- GOLD - Dan Gilbert
- The One Packet Wonder:HD Moore's rootdown.pl
- v3.0
- 87 , 88
- --
- Expired
-
506
- GOLD - Mike Mahurin
- The Tactical Use of Rainbow Crack to Exploit Windows Authentication in a Hybrid Physical-Electronic Attack
- v3.0
- 95 , 87
- 100, 96
- Dec 31, 2011
-
505
- GOLD - Jason Kelly
- Pass
- v2.1a
- 93 , 87
- --
- Expired
-
504
- GOLD - Linda Bourbeau
- RPC Overflow Vulnerability - Examining the Nachi Exploit
- v2.1a
- 91 , 77
- --
- Expired
-
503
- GOLD - Brian Porter
- RPC-DCOM Vulnerability & Exploit
- v2.1a
- 96 , 93
- 93, 95
- Nov 30, 2011
-
502
- GOLD - Shaheem Motlekar
- Red Team Assessment of a GIAC Enterprises Security Design
- v2.1a
- 77 , 81
- --
- Expired
-
501
- GOLD - Karmendra Kohli
- My First Incident Handling Experience
- v2.1a
- 96 , 96
- 99, 97
- Nov 30, 2011
-
500
- GOLD - Charles Hamby
- Breaking Windows 2000 Passwords via LDAP Password Crackers
- v2.1a
- 83 , 84
- --
- Expired
-
499
- GOLD - Brandon Young
- WebDAV: The new nemesis of IIS Administrators
- v2.1a
- 97 , 95
- --
- Expired
-
498
- GOLD - Jim Sproule
- Support for the Cyber Defence Initiative: SNMP - Hiding in Plain Sight
- v2.1a
- 95 , 88
- --
- Expired
-
497
- GOLD - David Hefley
- UDP Port 1434 - Services, Vulnerabilities and Exploits
- v2.1a
- 85 , 93
- 97, 92
- Oct 31, 2011
-
496
- GOLD - Sangita Pakala
- Penetration Testing of a Secure Network
- v2.1a
- 85 , 92
- 99, 99
- Oct 31, 2011
-
495
- GOLD - Richard Hayler
- RPC/DCOM vulnerability exploited via a wireless network.
- v2.1a
- 95 , 89
- --
- Expired
-
494
- GOLD - Nicholas Garner
- Honeypots for Incident Handling Education
- v2.1a
- 87 , 91
- --
- Expired
-
493
- GOLD - Wayne Freeman
- An Analysis of the Microsoft RPC/DCOM Vulnerability
- v2.1a
- 93 , 83
- --
- Expired
-
492
- GOLD - Heather Larrieu
- A J0k3r Takes Over
- v2.1a
- 96 , 96
- --
- Expired
-
491
- GOLD - Rich Barger
- The Blind Leading The Blind - Sadmind/IIS Worm
- v2.1a
- 79 , 79
- 92, 85
- Oct 31, 2011
-
490
- GOLD - Matthew Carver
- *Pass
- v2.1a
- 89 , 85
- --
- Expired
-
489
- GOLD - John Van Hoogstraten
- Blasting Windows: An Analysis of the W32/Blaster Worm
- v2.1a
- 93 , 95
- 97, 99
- Oct 31, 2011
-
488
- GOLD - Sonali Gupta
- Red Team Assessment Of a GCFW Practical Network Design
- v2.1a
- 93 , 89
- 99, 100
- Oct 31, 2011
-
487
- GOLD - Raul Siles
- Real World ARP Spoofing
- v2.1a
- 87 , 95
- --
- GSE
-
486
- GOLD - Jon Zerden
- Using Social Engineering and Sniffing Techniques To Change An Employees Salary - A True Story
- v2.1a
- 85 , 93
- --
- Expired
-
485
- GOLD - William Tucek
- Exploit in Action: Lovgate - Lessons Learned From The Lovgate Worm
- v2.1a
- 84 , 81
- --
- Expired
-
484
- GOLD - Byron Darrah
- Exploiting Sambas SMBTrans2 Vulnerability
- v2.1a
- 96 , 89
- 96, 97
- Oct 31, 2011
-
483
- GOLD - Derek Pence
- Lovgate and the Enterprise
- v2.1a
- 89 , 88
- --
- Expired
-
482
- GOLD - Ty Kirk
- Line Me Up Port 80: Apache Linefeed Denial of Service Attack
- v2.1a
- 91 , 85
- --
- Expired
-
481
- GOLD - John Ives
- A Weak Password And A Windows Rootkit: A Recipe For Trouble
- v2.1a
- 96 , 95
- --
- Expired
-
480
- GOLD - David Bianco
- Tracking Butthead: An Encounter With an SSL Script Kiddie
- v2.1a
- 99 , 92
- 99, 99
- Oct 31, 2011
Some practicals are purposely not linked so as not to prematurely disclose answers to those still completing the assignment.
bold text denotes Honors received on the practical
