GXPN - getz!

After the many weeks of crazy after-office hours and weekends, I've finally went for the first attempt and passed the GIAC GXPN http://www.giac.org/certification/exploit-researcher-advanced-penetration-tester-gxpn . It's quite a challenge and probably the hardest examination I've ever took since my computer engineering degree days. For me, I attended Stephen Sim's class (SANS SEC660) and it was the best EVAR. Although things get pretty hairy after day 3, it's totally worth it. And I'm thankful for my company who sponsored the hefty amount. If you're into security, it's like attending a rock concert and get wow-ed at every juncture of the course.

If you decide, however, not to attend SANS SEC660 and do a GIAC attempt, you could do so too. Some tips on preparation can be found @ iPostive's blog: http://ipositivesecurity.blogspot.sg/2012/08/passed-giac-gxpn-exam.html

Btw, GXPN is a 3-hour open book examination and you're allowed to use the course materials. Open-book examinations are usually tougher and kinda applies in this case too. For those who have signed up or intend to attempt the GIAC GXPN in the near future, I've made an index for a quick-flip (trust me - you'll probably need it) and a "time reference" table to help keep track of time since you can only skip 5 questions. http://pastebin.com/wwPVMiqc

Some ways to use it:

1. Use word or some open source office tools to split the page to 3 columns

2. Cut and paste the contents from the pastebin.com link http://pastebin.com/wwPVMiqc

3. Shrink the margin or font to your preference to fit to the number of pages (mine is a 2-page index)

4. You could add/remove more keywords/phrases/toolnames into the index to make it better for your own use.

So what's with the page?

If it says for e.g. Tool X 4.125 - it means Book 4, page 125.

If you want to know how GIAC GXPN is like, you could also goto http://www.pwnag3.com/2012/10/gxpn-review.html to read his/her review.

So what do the candidate need to prepare:

Try this link: http://www.giac.org/certification/exploit-researcher-advanced-penetration-tester-gxpn

Some tips that helped me:

1. Do the TWO practice exams - they are a good indicator. I got 60% without any book reference. Got a 77% for 2nd practice. And final got a 78%. (Not great, but i'm thankful I've passed. I wished I studied more.)

2. You have to know your basics (nmap, cain rdp mitm, lsa, etc). They are not found in GXPN coursewares and I suspect they are from the SEC560 coursewares. Not too sure about that.

3. You have to know your stuffs really well. Reading is NOT good enough - you'll need to set up your lab environment and spend time working. There's really no shortcut to this - you can't braindump bruteforce your way through this exam.

NOW I AM A FREE BIRD =D Gonna go celebrate a little before returning to my side projects ;)

To the GXPN attempters: Good luck folks!

J.S out.