Sunday, January 22, 2012

Goals for 2012

It’s been a long time since I have blogged, and one of my goals this year is to blog at least twice a month. I plan on having two types of posts: a personal/goals update and a technical post. If I do additional posts in a month, they will be technical.

This post is my first post, so it is going to be of a personal/goals nature. I got the idea from my Australian friends Chris and Ash. Each year they lay out their study plans for various certifications. I plan on doing the same and adding other technical skills that I plan on working on this year (perhaps skills without a corresponding certification).

For certifications I am breaking them into three categories: new certifications, maintenance of certifications, and possible certifications. Maintenance will be for certifications requiring taking a test; however, those like the CISSP requiring CPEs will not be discussed. Possible certifications include some certifications that I want to take this year, but I am not sure if I will get them completed for various reasons.

This year I only have two that I must update. With the GSE, all of my SANS/GIAC certifications are maintained through renewing the GSE every four years. The two certifications I must renew are the Cisco Certified Security Professional (CCSP) and the Offensive Security Wireless Professional (OSWP).

Typically you renew a Cisco professional level certification by either passing a CCIE written or any professional (exam 642 number) level certification. Normally I update my CCSP by taking the Firewall (the current Cisco exam number is 642-617) exam. However, last year Cisco changed the name from CCSP to CCNP Security; ironically enough, the CCSP used to be known as the CCNP Security. Why the name change was made I have no idea, but one thing Cisco did that I don’t like is they did not grandfather in current CCSPs, unlike what they did when the CCVP was converted to the CCNP Voice. Fortunately for me, if I understand the change correctly, I have to take the VPN (exam number is 642-647) to renew and convert my CCSP to the new CCNP Security. I must have this completed by July of this year, and my goal is to have this completed by end of May.

The second certification I must renew, the OSWP, is much more straightforward. In December 2011, Offensive Security updated Offensive Security Wireless Attacks to version 3.0. Although it is not a requirement to update, I plan on updating because I loved this course/certification. My plan is to renew this certification by the end of June.

The next category of certifications is new ones I plan to achieve this year. All of these have been budgeted and approved (out of my own pocket). All certifications I want to achieve this year are by Offensive Security, with the exception of a SANS certification from last year.

The first certification I tackled this year, which was actually a holdover from last year, is the GIAC Reverse Engineering Malware (GREM). In September of 2011 I took the corresponding SANS class, FOR 610 reverse engineering malware. My goal was to have this certification completed by the end of January, which I accomplished on Jan 21st.

The next certification I plan on tackling is the Offensive Security Certified Professional (OSCP). This certification is about being able to perform penetration testing using BackTrack. The certification exam is a 24-hour (continuous) lab test performing a pen test against an unknown number of targets. I have heard that you are only allowed to use tools a certain number of times; for example, you can’t use Metasploit to pop every box in the lab. I want to have this certification completed by March 23 this year. That date is important for several reasons, but the big one is I want to have it completed before I start my next certification. This certification includes the Offensive Security Testing with Backtrack class.

Once I have the OSCP completed, my next certification I actually hope to take with my friends Chris and Ash. Together we have decided to attempt the Offensive Security Certified Expert (OSCE). This certification is about being able to perform advanced penetration testing, such as using fuzzing to find exploits, modifying exploit code to customize it, and using GRE tunnels to sniff remote traffic. Once the class is completed you sit for a 48-hour (again continuous) lab, performing a pen test using more advanced techniques against an unknown number of targets. Our tentative schedule is to complete it some time in the Sept/Oct time frame. This certification includes the Offensive Security Cracking the Perimeter class.

The last certification I plan on trying this year is a new certification from Offensive Security, the Offensive Security Web Expert (OSWE). This certification is all about performing attacks against web applications. These are common web attacks including XSS, SQL Injection, CSRF, and Web Services against and unknown. The course and certification for this class, Advanced Web Attacks, is not available yet, but I plan on having this certification by the end of November, though I could push to next year if the class is not available at that time.

The third category of certifications falls into ones I want to take but may or may not be able to for various reasons. All of these certifications are GIAC certifications. The ones I might try to get are the GIAC Certified Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), and GIAC Forensics (GFOR).

The GPEN and GWAPT will be taken after the OSCP and OSWE respectively if I feel I can successfully challenge them. At this time my plan is to complete the OSCP, and then buy a GPEN practice test to see how I do. If I feel I can successfully challenge the GPEN I will; if not, then I will probably place this certification on the to-be-accomplished-later list after I take the class. I plan on following the same process for the GWAPT. If I do challenge these exams it will be within one month of completing the OSCP and OSWE.

The other certification I would like to get is the GFOR, which is GIAC’s Forensics certification. This certification is proving that I can perform forensics analysis on computers. This is not my strongest area, and I will not attempt to challenge this exam without completing the corresponding SANS FOR 508 class. If I do take this class it will be in September, with a certification completed by the end of October.

Besides the certifications I have several other goals. I want to really get into the Python programming language, I want to write a vulnerable web application in ASP.NET, and finally I have some soft-skill goals as well.

I want to learn Python because it’s a cross-platform language that is used in many common security tools. I can currently write some code in Python, but want to become much more proficient with it.

I want to write a vulnerable ASP.NET app because most vulnerable web applications used for training/testing are written in PHP. ASP.NET is used a lot and I think it could use a new testing playground! How big the app will be, what it will run on (i.e. straight IIS, SQL Server or perhaps get it running on SharePoint). I do know I plan on highlighting every vulnerability and how to fix each vulnerability.

Additional goals I have are to write and publish 4 articles in Hackin9 and/or PenTest Magazine. I also want to give at least 2 presentations to either security groups or conferences (i.e. a BSides somewhere). I will continue to serve as a beta tester/proofreader for PenTest Magazine, and of course try to blog twice a month!

So those are my goals. I have gone public with them and now I just have to accomplish them. Well, I know you probably did not want to read all of this, but I wanted to get my goals out there and track how I am doing with them. My next article will be technical and a hell of a lot more interesting to others!