COURSE DESCRIPTION
WHO WOULD BENEFIT
IT System Administrators, IT Security Professionals
PREREQUISITES
This class is designed for advanced penetration testers, red teams, and offensive cyber operations groups.
COURSE LENGTH
- 5 days
FOLLOW ON COURSES
- Exploit Development Boot Camp
- Advanced Systems & Applications Attack & Defense
COURSE DETAILS
- Identifying/Bypassing External Security Mechanisms
- Load Balancers
- Intrusion Prevention Systems
- Web Application Firewalls
- Advanced Targeting & Exploitation
- Email Address Harvesting
- Client-Side Application Fingerprinting
- Bypassing Anti-Virus
- Dealing with Egress Filtering
- Bypassing Authenticating Proxies
- Persistence with and without Metasploit (Windows 7/8)
- Advanced Meterpreter Features
- Writing Meterpreter Post Modules
- Building your own implant (non-meterpreter custom backdoor)
- Advanced Tunneling (Windows 7/8)
- Socks Tunneling
- ICMP Tunneling
- SSH Tunneling
- IPV6 Tunneling
- Direct Access
- Data-Mining Windows 7/8
- Stealing hashes, Kerberos tickets, and passwords
- Stealing User Certificates
- Finding and Stealing Critical Data
- Attacking 2008/2012 Active Directory
- Advanced Network Enumeration
- Data-Mining 2008/2012 Active Directory with security settings enabled
- Finding and attacking databases via Active Directory
- Attacking Sharepoint
- Version fingerprinting, directory brute-forcing, password stealing
- Frontpage Access Files, DLLs, Virtual Directories
- File upload vulnerabilities, command-execution vulnerabilities
- Data Exfiltration
- Aggregating files
- Staging Serves
- Dealing with network segmentation issues
- Post-Exploitation With Powershell
- Host Enumeration
- Privilege Escalation
- Stealing passwords and hash dumping
- Network Enumeration
- Download your toolkit to multiple hosts and execute it remotely
Day 5: Cyber Operation
Get your sleep the night before, eat your Wheaties the morning of because you are about to participate in a Cyber Operation and it is gonna be intense! You will be tasked with finding and stealing data from a highly protected target network. You will be given a description of data that you must steal the target network that has a combination of hardened workstations (similar to a STIG), Anti-Virus and Host-Based Intrusion Prevention Systems. In addition to common technical challenges, there will be a wide range of environmental variables that I’ve experienced in real operations to make it as realistic as possible.
These training courses are only delivered as an onsite format for groups of 5 or more. Our world-class instructors will bring our on-demand turn-key solution directly to you. Contact us now for more details and pricing