Advanced Cyber War Boot Camp

COURSE DESCRIPTION

WHO WOULD BENEFIT

IT System Administrators, IT Security Professionals

PREREQUISITES  

This class is designed for advanced penetration testers, red teams, and offensive cyber operations groups.

COURSE LENGTH  

• 5 days

FOLLOW ON COURSES    

• Exploit Development Boot Camp
• Advanced Systems & Applications Attack & Defense

COURSE DETAILS           

• Identifying/Bypassing External Security Mechanisms
  • Load Balancers
  • Intrusion Prevention Systems
  • Web Application Firewalls
• Advanced Targeting & Exploitation
  • Email Address Harvesting
  • Client-Side Application Fingerprinting
  • Bypassing Anti-Virus
  • Dealing with Egress Filtering
  • Bypassing Authenticating Proxies

• Persistence with and without Metasploit (Windows 7/8)
  • Advanced Meterpreter Features
  • Writing Meterpreter Post Modules
  • Building your own implant (non-meterpreter custom backdoor)
• Advanced Tunneling (Windows 7/8)
  • Socks Tunneling
  • ICMP Tunneling
  • SSH Tunneling
  • IPV6 Tunneling
  • Direct Access

• Data-Mining Windows 7/8
  • Stealing hashes, Kerberos tickets, and passwords
  • Stealing User Certificates
  • Finding and Stealing Critical Data
  •  Attacking 2008/2012 Active Directory
  • Advanced Network Enumeration
  • Data-Mining 2008/2012 Active Directory with security settings enabled
  • Finding and attacking databases via Active Directory
• Attacking Sharepoint
  • Version fingerprinting, directory brute-forcing, password stealing
  • Frontpage Access Files, DLLs, Virtual Directories
  • File upload vulnerabilities, command-execution vulnerabilities

• Data Exfiltration
  • Aggregating files
  • Staging Serves
  • Dealing with network segmentation issues
• Post-Exploitation With Powershell
  • Host Enumeration
  • Privilege Escalation
  • Stealing passwords and hash dumping
  • Network Enumeration
  • Download your toolkit to multiple hosts and execute it remotely   

Day 5: Cyber Operation

Get your sleep the night before, eat your Wheaties the morning of because you are about to participate in a Cyber Operation and it is gonna be intense! You will be tasked with finding and stealing data from a highly protected target network. You will be given a description of data that you must steal the target network that has a combination of hardened workstations (similar to a STIG), Anti-Virus and Host-Based Intrusion Prevention Systems. In addition to common technical challenges, there will be a wide range of environmental variables that I’ve experienced in real operations to make it as realistic as possible.   

ABOUT THE INSTRUCTOR       

Joe McCray
Chief Technology Officer and Senior Cybersecurity Instructor

SecureNinja CTO Joe McCray is an Air Force Veteran and has been involved with cybersecurity for over 10 years. Joe has been involved in over 150 very high-level penetration testing assessments and utilizes his “real world hacking accomplishments”  to ensure his clients and students obtain effective knowledge transfer.

His extensive experience and deep knowledge, mixed with his comedic style have lead Joe to be one of the most highly sought after speaking experts in the industry. Joe often makes speaking appearances and gives seminars at major events in the security community such as Black Hat, DEFCON, BruCon, Hacker Halted, Hacktivity and more.

Joe is the recipient of the 2009 EC-Council Instructor Circle of Excellence Award and the 2010 EC-Council Instructor of the Year Award. In addition, he is the founder and CEO of Strategic Security, Inc. an IT Security consulting firm that provides in-depth technical security assessments of your network, web application, and regulatory compliance gap analysis