COURSES

Advanced Systems & Applications Attack & Defense

Penetration testers will learn how to better attack high security environments


COURSE DESCRIPTION 

SecureNinja’s (5) five day Advanced Systems & Applications Attack & Defense boot camp was created for Network/Web Application Penetration testers that are looking for the little tips and tricks that will help them better attack high security environments. Students that are Network/System Administrators with three or more years’ experience working in environments such as financial institutions, DoD networks, or similar high security environments will benefit greatly from this course. You choose the delivery format.  Either in one of our public training centers or Live Online from work or your home computer.    

TOPICS COVERED

  • Attacking From the Outside
  • Bypassing Anti-Virus & HIPS
  • DLL Injection & Process Injection
  • Advanced Post-Exploitation
  • Capture the Flag Team Hacking

WHO WOULD BENEFIT

IT System Administrators, IT Security Professionals, Windows Developers

PREREQUISITES   

Familiarity with Windows System Administration, familiarity with programming

COURSE LENGTH  

  • 5 Days

FOLLOW ON COURSES          

  • Cyber War
  • Hands-on Malware Analysis
  • Hands-on Mobile Application Security

COURSE DETAILS       

 Day 1: Attacking From the Outside

  • Attacking Hardened Web Applications
    • Advanced Methods of identifying SQLI/XSS
  • Bypassing Common Web Application Security Mechanisms
    • Client-Side Filtering
    • Alphanumeric Filtering
    • Magic Quotes
    • ASP.NET Request Validate
  • Bypassing Common Security Products
    • IDS Signature Evasion
    • Dealing with Web Application Firewalls


Day 1’s Mission:
Attack a mock company’s heavily protected external web applications from the outside

Day 2: Bypassing Anti-Virus & HIPS

  • Bypassing Popular Anti-Virus
    • AVG
    • McAfee
    • Symantec
    • Windows Defender

 

  • Bypassing Popular HIPS
    • McAfee HIPS
    • Symantec EndPoint Protection
    • Forefront

Day 2’s Mission: Bypass the most common host-based security products

Day 3: DLL Injection & Process Injection

 

  • DLL Injection
    • Advanced Post-Exploitation
    • Data-Mining

 

  • Process Injection
    • Advanced Network Enumeration
    • Data-Mining 2008 Active Directory with security settings enabled


Day 3’s Mission: Bypass Group Policy Objects, Software Restriction Policy, and HIPS

Day 4: Advanced Post-Exploitation

  • Attacking Windows 7
    • Advanced Post-Exploitation
    • Data-Mining

 

  • Attacking 2008 Active Directory
    • Advanced Network Enumeration
    • Data-Mining 2008 Active Directory with security settings enabled


Day 4’s Mission: Finding all of a company's intellectual property and stealing it

Day 5: Mother of All Capture the Flags

  • Putting everything together in a team hacking competition   

ABOUT THE INSTRUCTOR       

Joe McCray
Chief Technology Officer and Senior Cybersecurity Instructor

SecureNinja CTO Joe McCray is an Air Force Veteran and has been involved with cybersecurity for over 10 years. Joe has been involved in over 150 very high level pentesting assessments and utilizes his “real world hacking accomplishments”  to ensure his clients and students obtain effective knowledge transfer.

His extensive experience and deep knowledge, mixed with his comedic style has lead Joe to be one of the most highly sought after speaking experts in the industry. Joe often makes speaking appearances and gives seminars at major events in the security community such as Black Hat, DEFCON, BruCon, Hacker Halted, Hacktivity and more.

Joe is the recipient of the 2009 EC-Council Instructor Circle of Excellence Award and the 2010 EC-Council Instructor of the Year Award. In addition he is the founder and CEO of Strategic Security, Inc. an IT Security consulting firm that provides in-depth technical security assessments of your network, web application, and regulatory compliance gap analysis

Advanced Systems & Applications Attack & Defense Classes Schedule
May. 21, 2018 May. 25, 2018 Columbia Mon-Fri SOLD Bootcamp
Jun. 04, 2018 Jun. 08, 2018 Columbia Mon-Fri OPEN Bootcamp
Jun. 25, 2018 Jun. 29, 2018 Alexandria Mon-Fri OPEN Bootcamp
Jun. 25, 2018 Jun. 29, 2018 Live Online Mon-Fri OPEN Online
Jul. 16, 2018 Jul. 20, 2018 Columbia Mon-Fri OPEN Bootcamp
Jul. 30, 2018 Aug. 03, 2018 Alexandria Mon-Fri OPEN Bootcamp
Jul. 30, 2018 Aug. 03, 2018 Live Online Mon-Fri OPEN Online
Aug. 13, 2018 Aug. 17, 2018 Columbia Mon-Fri OPEN Bootcamp
Aug. 27, 2018 Aug. 31, 2018 Alexandria Mon-Fri OPEN Bootcamp
Aug. 27, 2018 Aug. 31, 2018 Live Online Mon-Fri OPEN Online

Not able to attend public scheduled classes? No problem, let us come to you to train your staff on-site on CISSP Training & Certification