GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)

The GIAC Exploit Researcher and Advanced Penetration Tester certification validates a practitioner's ability to find and mitigate significant security flaws in systems and networks. GXPN certification holders have the skills to conduct advanced penetration tests and model the behavior of attackers to improve system security, and the knowledge to demonstrate the business risk associated with these behaviors.

Areas Covered

  • Network Attacks, Crypto, Network Booting, and Restricted Environments
  • Python, Scapy, and Fuzzing
  • Exploiting Windows and Linux for Penetration Testers

Who is GXPN for?

  • Network Penetration Testers
  • Systems Penetration Testers
  • Incident Handlers
  • Application Developers
  • IDS Engineers
  • Security personnel responsible for assessing target networks, systems and applications to find vulnerabilities

GXPN with CyberLive

GIAC knows that cyber security professionals need:

  • Discipline-specific certifications
  • Practical testing that validates their knowledge and hands-on skills

In response to this industry-wide need, GIAC developed CyberLive - hands-on, real-world practical testing.

CyberLive testing creates a lab environment where cyber practitioners prove their knowledge, understanding, and skill using:

  • Actual programs
  • Actual code
  • Virtual machines

Candidates are asked practical questions that require performance of real-world-like tasks that mimic specialized job roles.

Find out more about CyberLive here.

Exam Format

  • 1 proctored exam
  • 60 questions
  • 3 hours
  • Minimum passing score of 67%

Delivery

NOTE: All GIAC Certification exams are web-based and required to be proctored. There are two proctoring options: remote proctoring through ProctorU, and onsite proctoring through PearsonVUE. Click here for more information.

GIAC certification attempts will be activated in your GIAC account after your application has been approved and according to the terms of your purchase. Details on delivery will be provided along with your registration confirmation upon payment. You will receive an email notification when your certification attempt has been activated in your account. You will have 120 days from the date of activation to complete your certification attempt.

Exam Certification Objectives & Outcome Statements

  • Accessing the Network
    The candidate will demonstrate an understanding of how to bypass network access control systems.
  • Advanced Fuzzing Techniques
    The candidate will be able to develop custom fuzzing test sequences using the Sulley framework, measure code coverage in fuzzing, identify the limitations of fuzzing, and identify ways to improve a fuzzer.
  • Advanced Stack Smashing
    The candidate will demonstrate an understanding of how to write advanced stack overflow exploits against canary-protected programs and ASLR.
  • Client Exploitation and Escape
    The candidate will demonstrate an understanding of bypassing or exploiting restricted Windows or Linux client environments, and exploiting or interacting with client environments using tools like PowerShell.
  • Crypto for Pen Testers
    The candidate will be able to attack and exploit common weaknesses in cryptographic implementations.
  • Exploiting the Network
    The candidate will demonstrate an understanding of how to exploit common vulnerabilities in modern networks attacking client systems and common network protocols.
  • Fuzzing Introduction and Operation
    The candidate will demonstrate an understanding of the benefits and practical application of protocol fuzzing to identify flaws in target software systems.
  • Introduction to Memory and Dynamic Linux Memory
    The candidate will demonstrate a basic understanding of x86 processor architecture, Linux memory management, assembly, and the linking and loading process.
  • Introduction to Windows Exploitation
    The candidate will demonstrate an understanding of Windows constructs required for exploitation and the most common OS and Compile-Time Controls.
  • Manipulating the Network
    The candidate will demonstrate an understanding of how to manipulate common network systems to gain escalated privileges and the opportunity to exploit systems.
  • Python and Scapy For Pen Testers
    The candidate will demonstrate an understanding of the ability to read and modify Python scripts and packet crafting using Scapy to enhance functionality as required during a penetration test.
  • Shellcode
    The candidate will demonstrate the ability to write shellcode on the Linux operating system, and demonstrate an understanding of the Windows shellcode methodology.
  • Smashing the Stack
    The candidate will demonstrate an understanding of how to write basic exploits against stack overflow vulnerabilities.
  • Windows Overflows
    The candidate will demonstrate an understanding of how to exploit Windows vulnerabilities on the stack, and bypass memory protections.

Other Resources

  • Training is available in a variety of modalities including live training and OnDemand
  • Practical work experience can help ensure that you have mastered the skills necessary for certification
  • College-level courses or self-paced study through another program or materials may meet the needs for mastery
  • Get information about the procedure to contest exam results.

Find Affiliate Training

Explore affiliate training options to prepare for your GIAC certification exam.