Advanced Systems & Applications Attack & Defense

Penetration testers will learn how to better attack high security environments


SecureNinja’s (5) five day Advanced Systems & Applications Attack & Defense boot camp was created for Network/Web Application Penetration testers that are looking for the little tips and tricks that will help them better attack high security environments. Students that are Network/System Administrators with three or more years’ experience working in environments such as financial institutions, DoD networks, or similar high security environments will benefit greatly from this course. You choose the delivery format.  Either in one of our public training centers or Live Online from work or your home computer.    


  • Attacking From the Outside
  • Bypassing Anti-Virus & HIPS
  • DLL Injection & Process Injection
  • Advanced Post-Exploitation
  • Capture the Flag Team Hacking


IT System Administrators, IT Security Professionals, Windows Developers


Familiarity with Windows System Administration, familiarity with programming


  • 5 Days


  • Cyber War
  • Hands-on Malware Analysis
  • Hands-on Mobile Application Security


 Day 1: Attacking From the Outside

  • Attacking Hardened Web Applications
    • Advanced Methods of identifying SQLI/XSS
  • Bypassing Common Web Application Security Mechanisms
    • Client-Side Filtering
    • Alphanumeric Filtering
    • Magic Quotes
    • ASP.NET Request Validate
  • Bypassing Common Security Products
    • IDS Signature Evasion
    • Dealing with Web Application Firewalls

Day 1’s Mission:
Attack a mock company’s heavily protected external web applications from the outside

Day 2: Bypassing Anti-Virus & HIPS

  • Bypassing Popular Anti-Virus
    • AVG
    • McAfee
    • Symantec
    • Windows Defender


  • Bypassing Popular HIPS
    • McAfee HIPS
    • Symantec EndPoint Protection
    • Forefront

Day 2’s Mission: Bypass the most common host-based security products

Day 3: DLL Injection & Process Injection


  • DLL Injection
    • Advanced Post-Exploitation
    • Data-Mining


  • Process Injection
    • Advanced Network Enumeration
    • Data-Mining 2008 Active Directory with security settings enabled

Day 3’s Mission: Bypass Group Policy Objects, Software Restriction Policy, and HIPS

Day 4: Advanced Post-Exploitation

  • Attacking Windows 7
    • Advanced Post-Exploitation
    • Data-Mining


  • Attacking 2008 Active Directory
    • Advanced Network Enumeration
    • Data-Mining 2008 Active Directory with security settings enabled

Day 4’s Mission: Finding all of a company's intellectual property and stealing it

Day 5: Mother of All Capture the Flags

  • Putting everything together in a team hacking competition   


Joe McCray
Chief Technology Officer and Senior Cybersecurity Instructor

SecureNinja CTO Joe McCray is an Air Force Veteran and has been involved with cybersecurity for over 10 years. Joe has been involved in over 150 very high level pentesting assessments and utilizes his “real world hacking accomplishments”  to ensure his clients and students obtain effective knowledge transfer.

His extensive experience and deep knowledge, mixed with his comedic style has lead Joe to be one of the most highly sought after speaking experts in the industry. Joe often makes speaking appearances and gives seminars at major events in the security community such as Black Hat, DEFCON, BruCon, Hacker Halted, Hacktivity and more.

Joe is the recipient of the 2009 EC-Council Instructor Circle of Excellence Award and the 2010 EC-Council Instructor of the Year Award. In addition he is the founder and CEO of Strategic Security, Inc. an IT Security consulting firm that provides in-depth technical security assessments of your network, web application, and regulatory compliance gap analysis

Advanced Systems & Applications Attack & Defense Classes Schedule
Jul. 30, 2018 Aug. 03, 2018 Alexandria Mon-Fri OPEN Bootcamp
Jul. 30, 2018 Aug. 03, 2018 Live Online Mon-Fri OPEN Online
Aug. 13, 2018 Aug. 17, 2018 Columbia Mon-Fri OPEN Bootcamp
Aug. 27, 2018 Aug. 31, 2018 Alexandria Mon-Fri OPEN Bootcamp
Aug. 27, 2018 Aug. 31, 2018 Live Online Mon-Fri OPEN Online

Not able to attend public scheduled classes? No problem, let us come to you to train your staff on-site on CISSP Training & Certification