Advanced Infrastructure Hacking

2018 Edition
5 Day Practical Class
  • Latest exploits, highly relevant.
  • Teaching a wide variety of offensive hacking techniques.
  • Written by real Pen Testers with a world conference reputation (BlackHat, AppSec, OWASP, Defcon etc).
  • Continously Evolving Labs
HOW TO BOOK
This course was exactly as described. It delivered good, solid information on the current state of infrastructure hacking at the rapid pace promised. This was a great way to get back into this area after years away from it.Delegate, Black Hat USA 2016
Very excellent course, highly recommend even for those new to Pen Testing! Great work & EffortDelegate, Black Hat USA 2016
Compressing 4 days of material is very hard to do. I have to say that this class did it well. My brain hurts, not because the class was bad but because it was very, very good. The instructor was well versed in the subject and the assistance was effective. I really appreciate the "recap" after every section. Top notch. The course was exactly as described.Delegate, Black Hat USA 2016
It provided me with the latest Information Security research & developmentDelegate, Black Hat USA 2016
Took this course as the 4-day was full, and was prepared for a fast-paced nightmare! On the contrary this course was well planned for the timescales. Happy with the solution. Delegate, Black Hat USA 2016

30 Day Lab Access

Option to extend hacking lab access for 30 days after the class

Wide Range of Challenges

Real world challenges from local privilege escalation to VLAN hopping etc

Continuously Developed

The labs are continuosly developed to include latest exploits and tools.

Class Overview

An Advanced Infrastructure Hacking class designed for those who wish to push their knowledge … The fast-paced class teaches the audience a wealth of hacking techniques to compromise various operating systems and networking devices. The class will cover advanced penetration techniques to achieve exploitation and will familiarise you with hacking of common operating systems, networking devices and much more. From hacking Domain Controllers to local root, VLAN Hopping to VoIP Hacking, we have got everything covered.

 

Class Details

Whether you are Penetration Testing, Red Teaming, or hoping to gain a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques for infrastructure devices and systems is critical.

The Advanced Infrastructure class will get the attendees familiarised with a wealth of hacking techniques for common Operating Systems and networking devices. While prior Pen Testing experience is not a strict requirement, a prior use of common hacking tools such as Metasploit is recommended for this class.

Day 1

IPv4 and IPv6 Refresher

Advanced topics in network scanning

Understanding & exploiting IPv6 Targets

OSINT, DVCS, CI Server exploitation

Advanced OSINT Data gathering

Exploiting git and Continuous Integration (CI) servers.

Database Servers

Mysql, Postgres, Oracle

Recent Vulnerabilities

SSL / TLS Bugs

Deserialization Bugs

Day 2

Windows Exploitation

Domain and User Enumeration

AppLocker / GPO Restriction Bypass

Local Privilege Escalation

Fun with Powershell

Bypassing AV / AMSI

Post Exploitation In-Memory Credential Harvesting

Day 3

AD Exploitation

Active Directory Delegation issues

Understanding WOW64

Pivoting and WinRM Certificates

Persistence (Golden Ticket, DCSync)

Lateral Movement Using WMIC

Day 4

Linux Exploitation

User/Service Enumeration

File Share Hacks

SSH Hacks

X11 Vulnerabilities

TTY issues, SSH reverse tunneling

Restricted Shells Breakouts

Breaking Hardened Webservers

Local Privilege Escalation

Post Exploitation

Day 5

Container Breakout

Breaking and Abusing Docker

Kubernetes Vulnerabilities

VPN Exploitation

VoIP Enumeration & Exploitation

VLAN Attacks

VLAN Concepts

VLAN Hopping Attacks

Prerequisites

Who Should Take This Class?

The course is ideal for those preparing for CREST CCT (ICE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform Penetration Testing on infrastructure as a day job and wish to add to their existing skill set.

Student Requirements

The only requirement for this class is that you bring your own laptop and have admin/root access. During the class, we will give you VPN access to our state-of-the-art hacklab which is hosted in our datacentre in the UK. Once you are connected to the lab, you will find all the relevant tools/VMs there. We also provide a dedicated Kali VM to each attendee on the hacklab, so you don’t need to bring any VMs with you. all you need is to install the VPN client and you are good to go!

 

ALSO TAUGHT AT

Hacking Training Classes

Lab-Based Training - Written by BlackHat Trainers - Available Globally

NotSoSecure classes are ideal for those preparing for CREST CCT (ICE), CREST CCT (ACE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform Penetration Testing on infrastructure / web applications as a day job & wish to add to their existing skill set.


Download the NotSoSecure Hacking Classes Brochure

The Art of Hacking

The Art of Hacking

=

Infrastructure Hacking

+

Web Hacking

Other Specialist Classes

Advanced Infrastructure Hacking

Advanced Web Hacking

AppSec for Developers

Book Your Training

Working exclusively with 3 training delivery partners, NotSoSecure Hacking Training is available around the world.


UNITED KINGDOM

REST OF THE WORLD