GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
Global Information Assurance Certification (GIAC)
The GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) certification validates a practitioner’s ability to find and mitigate significant security flaws in systems and networks.
GXPN certification holders have the skills to conduct advanced penetration tests and model the behavior of attackers to improve system security, and the knowledge to demonstrate the business risk associated with these behaviors.
Target Audience
The GXPN is ideal for security professionals including:
- Senior Penetration Testers
- Exploit Developers
- Red Team Leads
- Security Researchers
- Reverse Engineers
- Network and Systems Penetration Testers
- Incident Handlers
- Application Developers
- IDS Engineers
Skills Tested
The exam covers various technical domains:
- Understanding how routing and traffic control can be influenced to exploit networks
- Linux memory organization and management fundamentals, low-level Linux binary execution, and how to leverage this information with shell code
- Issues in cryptographic implementations and different ways to exploit those implementations
- Building fuzzing grammars and knowing when and how to use them
- Creating simple return-oriented chains to achieve execution
Exam Format
- Questions: 60 multiple-choice questions
- Duration: 3 hours
- Passing Score: 67% or higher
- Format: Open-book, web-based, proctored
- Practical Labs: Includes 7 CyberLive hands-on practical labs
Certification Maintenance
- GIAC certifications are valid for four years
- Certification holders must submit 36 CPEs for renewal
- Maintenance fee: $499
- Alternative: Retake the current exam
Related Training
The official SANS course SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking directly maps to GXPN. The course teaches advanced penetration testing skills to develop custom exploits, perform network attacks, analyze cryptographic implementations, and master advanced exploitation techniques.