Advanced Infrastructure Hacking

2017 Edition
5 Day Practical Class
  • Latest exploits, highly relevant.
  • Teaching a wide variety of offensive hacking techniques.
  • Written by real Pen Testers with a world conference reputation (BlackHat, AppSec, OWASP, Defcon etc).
HOW TO BOOK
This course was exactly as described. It delivered good, solid information on the current state of infrastructure hacking at the rapid pace promised. This was a great way to get back into this area after years away from it.Delegate, Black Hat USA 2016
Very excellent course, highly recommend even for those new to Pen Testing! Great work & EffortDelegate, Black Hat USA 2016
Compressing 4 days of material is very hard to do. I have to say that this class did it well. My brain hurts, not because the class was bad but because it was very, very good. The instructor was well versed in the subject and the assistance was effective. I really appreciate the "recap" after every section. Top notch. The course was exactly as described.Delegate, Black Hat USA 2016
It provided me with the latest Information Security research & developmentDelegate, Black Hat USA 2016
Took this course as the 4-day was full, and was prepared for a fast-paced nightmare! On the contrary this course was well planned for the timescales. Happy with the solution. Delegate, Black Hat USA 2016

30 Day Lab Access

Access to a hacking lab not just during the course but for 30 days after the class too

Wide Range of Challenges

Real world challenges from local privilege escalation to VLAN hopping etc

Continuously Developed

The labs are continuosly developed to include latest exploits and tools.

Class Overview

An Advanced Infrastructure Hacking class designed for those who wish to push their knowledge … The fast-paced class teaches the audience a wealth of hacking techniques to compromise various operating systems and networking devices. The class will cover advanced penetration techniques to achieve exploitation and will familiarise you with hacking of common operating systems, networking devices and much more. From hacking Domain Controllers to local root, VLAN Hopping to VoIP Hacking, we have got everything covered.

 

Class Details

Whether you are Penetration Testing, Red Teaming, or hoping to gain a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques for infrastructure devices and systems is critical.

The Advanced Infrastructure class will get the attendees familiarised with a wealth of hacking techniques for common Operating Systems and networking devices. While prior Pen Testing experience is not a strict requirement, a prior use of common hacking tools such as Metasploit is recommended for this class.

Day 1

IPv4 and IPv6 Refresher

Advanced topics in network Scanning

Understanding and exploiting IPv6 Targets

OSINT, DVCS Exploitation

Advanced OSINT Data gathering

Exploiting git and Continuous Integration (CI) servers.

Database Servers

Mysql

Postgres

Oracle

Recent Vulnerabilities

Heart-Bleed and Shell-Shock

PHP Serialization Exploit

Web-sphere Java Exploits

Day 2

Windows Exploitation

Domain and User Enumeration

AppLocker / GPO Restriction Bypass

Local Privilege Escalation

Post Exploitation #1 (AMSI Bypass & Mimikatz)

Post Exploitation #2 (LSASecrets)

Day 3

AD Exploitation

Active Directory Delegation issues

WOW64

Pivoting and WinRM

Persistence (Golden Ticket and DCSync)

Lateral Movement Using WMIC

Day 4

Linux Exploitation

Port scanning and Enumeration

FS + SSH

Privilege Escalation

rservices

Apache

X11 Services

Day 5

Container Breakout

Docker breakout

VPN Exploitation

VPN

VoIP Exploitation

VoIP enumeration

VoIP exploitation

VLAN Exploitation

VLAN concepts

VLAN hopping attacks.

Prerequisites

Who Should Take This Class?

The course is ideal for those preparing for CREST CCT (ICE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform Penetration Testing on infrastructure as a day job and wish to add to their existing skill set.

Student Requirements

The only requirement for this class is that you bring your own laptop and have admin/root access. During the class, we will give you VPN access to our state-of-the-art hacklab which is hosted in our datacentre in the UK. Once you are connected to the lab, you will find all the relevant tools/VMs there. We also provide a dedicated Kali VM to each attendee on the hacklab, so you don’t need to bring any VMs with you. all you need is to install the VPN client and you are good to go!

Also, note that we will use an Ethernet/wired network for this class. If your laptop does not support this, please carry the correct adaptor to ensure you are able to connect to the wired network.

ALSO TAUGHT AT

Hacking Training Classes

Lab-Based Training - Written by BlackHat Trainers – Available Globally

NotSoSecure classes are ideal for those preparing for CREST CCT (ICE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform Penetration Testing on infrastructure as a day job and wish to add to their existing skill set.


Download the NotSoSecure Hacking Classes Brochure

The Art of Hacking

The Art of Hacking

=

Infrastructure Hacking

+

Web Hacking

Other Specialist Classes

Advanced Infrastructure Hacking

AppSec for Developers

Practical IoT Hacking Training

Book Your Training

Working exclusively with 3 training delivery partners, NotSoSecure Hacking Training is available around the world.


UNITED KINGDOM

REST OF THE WORLD