Advanced Infrastructure Hacking

2019 Edition
5 Day Practical Class
2 Day Fast Track Available
  • Latest exploits, highly relevant.
  • Teaching a wide variety of offensive hacking techniques.
  • Written by real Pen Testers with a world conference reputation (BlackHat, AppSec, OWASP, Defcon etc).
  • Continously Evolving Labs
HOW TO BOOK
Very impressed with the lab environment. Course is packed with Information and exciting challenges. Excellent Content and in-depth presentation. Loved the practice timing and walk-through. The extended lab access is helpful to practice after the class. Delegate, BlackHat USA 2018
This course was exactly as described. It delivered good, solid information on the current state of infrastructure hacking at the rapid pace promised. This was a great way to get back into this area after years away from it.Delegate, Black Hat USA 2016
Very excellent course, highly recommend even for those new to Pen Testing! Great work & EffortDelegate, Black Hat USA 2016
Compressing 4 days of material is very hard to do. I have to say that this class did it well. My brain hurts, not because the class was bad but because it was very, very good. The instructor was well versed in the subject and the assistance was effective. I really appreciate the "recap" after every section. Top notch. The course was exactly as described.Delegate, Black Hat USA 2016
It provided me with the latest Information Security research & developmentDelegate, Black Hat USA 2016
Took this course as the 4-day was full, and was prepared for a fast-paced nightmare! On the contrary this course was well planned for the timescales. Happy with the solution. Delegate, Black Hat USA 2016

30 Day Lab Access

Option to extend hacking lab access for 30 days after the class

Wide Range of Challenges

Real world challenges from local privilege escalation to network exploitation (VLAN, VOIP, VPN included), cloud infrastructure attacks and more

Continuously Developed

The labs are continuously developed to include latest exploits and tools.

Class Overview

An Advanced Infrastructure Hacking class designed for those who wish to push their knowledge … The fast-paced class teaches the audience a wealth of hacking techniques to compromise various operating systems and networking devices. The class will cover advanced penetration techniques to achieve exploitation and will familiarise you with hacking of common operating systems, networking devices and much more. From hacking Domain Controllers to local root, VLAN Hopping to VoIP Hacking, we have got everything covered.

Class Details

Whether you are Penetration Testing, Red Teaming, or hoping to gain a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques for infrastructure devices and systems is critical.

The Advanced Infrastructure class will get the attendees familiarised with a wealth of hacking techniques for common Operating Systems and networking devices. While prior Pen Testing experience is not a strict requirement, a prior use of common hacking tools such as Metasploit is recommended for this class.

Module 1: IPv4 and IPv6 Refresher

Advanced topics in network scanning 

Understanding & exploiting IPv6 Targets 

Module 2: OSINT, DVCS, CI Server exploitation

Advanced OSINT Data gathering 

Exploiting git and Continuous Integration (CI) servers.

Module 3: Database Servers

Mysql

Postgres

Oracle

MongoDB

Module 4: Recent Vulnerabilities

SSL / TLS Bugs 

Deserialization Bugs

Module 5: Windows Exploitation

Domain and User Enumeration 

AppLocker / GPO Restriction Bypass 

Local Privilege Escalation Fun with Powershell 

Bypassing AV / AMSI 

Post Exploitation In-Memory Credential Harvesting

Module 6: AD Exploitation

Active Directory Delegation issues 

Understanding WOW64 

Pivoting and WinRM Certificates 

Persistence (Golden Ticket, DCSync) 

Lateral Movement Using WMIC

Module 7: Linux Exploitation

User/Service Enumeration 

File Share Hacks 

SSH Hacks 

X11 Vulnerabilities 

TTY issues 

SSH reverse tunnelling 

Restricted Shells Breakouts 

Breaking Hardened Webservers 

Local Privilege Escalation 

Post Exploitation

Module 8: Container Breakout

Breaking and Abusing Docker/Kubernetes Vulnerabilities

Module 9: VPN Exploitation

Module 10: VoIP Enumeration & Exploitation

Module 11: VLAN Attacks

VLAN Concepts VLAN Hopping Attacks

Module 12: Cloud Hacking

Attacking IaaS

Exploiting PaaS

Abusing FaaS

Pwning SaaS

Prerequisites

Who Should Take This Class?

The course is ideal for those preparing for CREST CCT (ICE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform Penetration Testing on infrastructure as a day job and wish to add to their existing skill set.

Student Requirements

The only requirement for this class is that you bring your own laptop and have admin/root access. During the class, we will give you VPN access to our state-of-the-art hacklab which is hosted in our datacentre in the UK. Once you are connected to the lab, you will find all the relevant tools/VMs there. We also provide a dedicated Kali VM to each attendee on the hacklab, so you don’t need to bring any VMs with you. all you need is to install the VPN client and you are good to go!  

ALSO TAUGHT AT

Upcoming Classes

August, 3-6 2019

Mandalay Bay, Las Vegas, USA

More information

Hacking Training Classes

Lab-Based Training - Written by BlackHat Trainers - Available Globally

NotSoSecure classes are ideal for those preparing for CREST CCT (ICE), CREST CCT (ACE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform Penetration Testing on infrastructure / web applications as a day job & wish to add to their existing skill set.


Download the NotSoSecure Hacking Classes Brochure

Beginner Friendly

Hacking 101

The Art of Hacking

The Art of Hacking

=

Infrastructure Hacking

+

Web Hacking

Specialist Offensive Classes

2019 Edition

Advanced Infrastructure Hacking

2019 Edition

Advanced Web Hacking

NEW

Hacking and Securing Cloud Infrastructure

Specialist Defence Classes

2019 Edition

AppSec for Developers

NEW

DevSecOps

NEW

AppSecOps

Book Your Training

Working exclusively with 3 training delivery partners, NotSoSecure Hacking Training is available around the world.


UNITED KINGDOM

REST OF THE WORLD