Advanced Infrastructure Hacking

5 Day

Launched at BlackHat USA – Latest exploits, highly relevant, continuously developed.
5-day practical class, teaching a wide variety of offensive hacking techniques.
Written by real Pen Testers with a world conference reputation (BlackHat, AppSec, OWASP, Defcon et al).

Overview Prerequisites Details PDF HOW TO BOOK

Class Overview

An Advanced Infrastructure Hacking class, released at BlackHat, designed for those who wish to push their knowledge … The fast-paced class teaches the audience a wealth of hacking techniques to compromise various operating systems and networking devices. The class will cover advanced penetration techniques to achieve exploitation and will familiarise you with a wealth of hacking techniques for common operating systems, networking devices and much more. From hacking Domain Controllers with MS14-068 to GHOST local root, VLAN Hopping to VoIP Hacking, you have got everything covered.

Advanced Infrastructure Hacking class- Preview from NotSoSecure on Vimeo.

Class Details

Whether you are Penetration Testing, Red Teaming, or hoping to gain a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques for infrastructure devices and systems is critical.

The Advanced Infrastructure class will get the attendees familiarised with a wealth of hacking techniques for common Operating Systems and networking devices. While prior Pen Testing experience is not a strict requirement, a prior use of common hacking tools such as Metasploit is recommended for this class.

Day 1

Hacking Networks, Databases

  • TCP/IP & Network Enumeration
  • Port Scanning
  • TCP/UDP Scanning
  • Windows/Linux Enumeration
  • The Art of Brute-Forcing
  • Insecure SNMP Configuration
  • Database Exploitation (Oracle, Postgres, Mysql)
  • Hacking Application servers (Websphere)
  • Exploiting SSL Vulnerabilities such as Heartbleed
  • Exploiting Remote Systems via Shellshock
  • Exploiting Java and PHP Serialization Bugs

Day 2

Advanced Windows Hacking

  • Windows Vulnerabilities
  • Mastering Metasploit
  • Latest Remote Exploits
  • Pivoting within Internal Network
  • Local Privilege Escalation
  • Custom Payloads
  • Post-Exploitation

Day 3

Hacking Windows Domains

  • Compromising Windows Domain
  • Pass the hash
  • Pass the ticket
  • Breaking Kerberos
  • Third party exploits (browser, java, pdf)

Day 4

Advanced Linux Hacking

  • Linux Vulnerabilities
  • Finger
  • Rservices
  • NFS Hacks
  • SSH Hacks
  • X11 Vulnerabilities
  • Local Privilege Escalation
  • Kernel Exploits
  • Weak File Permissions
  • SUID/SGID Scripts
  • Inetd Services

Day 5

Hacking VLANs, VoIP, Switches & Routers

  • VLAN Hopping
  • Hacking VoIP
  • Exploiting Insecure VPN Configuration
  • Switch/Router vulnerabilities

Prerequisites

Who Should Take This Class?

The course is ideal for those preparing for CREST CCT (ICE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform Penetration Testing on infrastructure as a day job and wish to add to their existing skill set.

Student Requirements

The only requirement for this class is that you bring your own laptop and have admin/root access. During the class, we will give you VPN access to our state-of-the-art hacklab which is hosted in our datacentre in the UK. Once you are connected to the lab, you will find all the relevant tools/VMs there. We also provide a dedicated Kali VM to each attendee on the hacklab, so you don’t need to bring any VMs with you. all you need is to install the VPN client and you are good to go!

Also, note that we will use an Ethernet/wired network for this class. If your laptop does not support this, please carry the correct adaptor to ensure you are able to connect to the wired network.

Hacking Training Classes

Lab-Based Training - Written by BlackHat Trainers – Available Globally

NotSoSecure classes are ideal for those preparing for CREST CCT (ICE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform Penetration Testing on infrastructure as a day job and wish to add to their existing skill set.


Download the NotSoSecure Hacking Classes Brochure

The Art of Hacking

The Art of Hacking

=

Infrastructure Hacking

+

Web Hacking

Other Specialist Classes

Advanced Infrastructure Hacking

AppSec for Developers

Practical Internet Of Things (IoT) Hacking

Book Your Training

Working exclusively with 3 training delivery partners, NotSoSecure Hacking Training is available around the world.


UNITED KINGDOM

REST OF THE WORLD

IEEE MEMBER