
Abstract

DURATION: 3 DAYS
CAPACITY: 20 pax
SEATS AVAILABLE: REGISTRATION CLOSED

EUR2599 (early bird)
EUR2999 (normal)
Early bird registration rate ends on the 12th of January

Overview
Pentesting and Exploiting Highly Secured Enterprise Networks is an action-packed hands-on class giving attendees a chance to perform real-world exploitation on enterprise network scenarios, accompanied by practical lab exercises in a CTF-style format. The course goes far beyond simple exploitation of low-hanging fruit and shows pentesters how to apply the abilities of an advanced attacker to find flaws in secured networks and calculate the business risk associated with these flaws.
This training is intended for senior/experienced pentesters. Just running a vulnerability scanner and submitting that as your report provides no real benefit to a company. This goes far beyond your traditional pentesting courses. Real-world enterprise networks are much more complex in nature and need special attention when choosing the techniques and tools you use to infiltrate them. A senior penetration tester must succeed when others fail. A senior pentester doesn’t give up when a particular exploit is not working; he analyses the exploit and makes the modifications that are necessary. He should think outside the box and come up with solutions to complex problems. He must have knowledge of all domains, and his skills should range from network attacks, web attacks and scripting to system exploitation.
This training is the result of years of pentesting experience compromising some highly secured networks, combined into one practical, hands-on class. This course provides in-depth knowledge of the most powerful attack vectors and provides labs to perform these attacks in numerous hands-on scenarios. The course will walk through dozens of real-world attacks used by the most seasoned penetration testers. Since the class is extremely practical, expect to pop a lot of shells during the attack. The training class has a number of targets and you’ll be exploiting both Windows and Linux platforms.
We also cover topics including exploiting private networks, writing your own Python exploits, shellcoding for customizing exploits, attacking databases, chaining multiple vulnerabilities together to exploit the system and more. The class also gives attendees hands-on experience with “popular” vulnerabilities such as Shellshock, Heartbleed, POODLE, Padding Oracle, JSON Web Token, SSLStrip, Kerberos Attacks (Pass-the-Hash, Pass-the-Tickets, Golden tickets, Silver tickets etc.) and more.
Attendees will be provided with hands-on experience with techniques currently used by hackers to bypass network-based enterprise intrusion detection and prevention systems (IDS/IPS), proxies, DLP, DMZ Web-application Firewalls (WAF). We will use case studies of Machine Learning for detection and evasion of IDS/IPS, AV etc. Attendees will learn advanced evasion techniques for corporate host-based countermeasures, including antivirus and UAC, by developing custom backdoors and payloads for protected enterprise networks. The training includes 50+ labs and 30+ challenges which are inspired by real-world vulnerabilities and case studies.
We will build Command and Control (C2) because a network intrusion may be detected, a compromised system can be patched, some exploits only work once, and access needs to survive a reboot. The C2 will provide stealth to avoid detection by IDS, persistence to survive reboots, encryption for secure communication, and a minimal possibility of firewall interference.
After the training, attendees will get 1 month of free remote lab access with 20 additional challenges and 5+ hours of HD videos of the training walkthrough. Also, 1 month before the training, attendees will get videos on basic Assembly Language and Python Scripting which will help them in class.
Who Should Attend

Pentesters who want to take their skills to the next level
Security Professionals
Network / System Admins

Key Learning Objectives

Python programming for Scanning, Fuzzing, Keylogging, Sandbox detection etc
Learn to use custom code in post-exploitation to bypass firewalls and IDS/IPS and to evade antivirus
Write your own custom encoders using shellcoding
Learn to write a Python DLL injector, which allows us to load code into a remote process and have it execute within that process’ context to evade firewalls
Read, edit, modify and execute scripts / shellcode downloaded from the internet
Learn how to port exploits using PowerShell
Build Command and Control (C2) infrastructure using different payload delivery methods such as VBA, Client-side exploits, HTML etc.

Prerequisite Knowledge

Basic Networking knowledge
Basic Windows and Linux command-line Skills
Penetration Testing Experience
Basic Assembly Language knowledge (Videos will be provided 1 month before the training)
Scripting knowledge in Python (Videos will be provided 1 month before the training)

Hardware / Software Requirements

Modern 64-bit laptop with wireless networking capabilities and admin/root access on it
Minimum 4 GB RAM installed
At least 40 GB of free hard disk space
VMware Workstation / Fusion installed

Agenda

DAY 1

Advanced Information Gathering, Network Scanning, Enumeration, Stealth Scanning Strategies
Threat Modelling
Simulating Advanced Persistent Threat (APT)
Spoofing Based Attacks
Multiple techniques for gaining man-in-the-middle network access
IPv4 and IPv6 attacks for pentesters
Attacking an IPSec Virtual Private Network
Exploiting vulnerabilities in communication protocols
Adding custom Nmap scripts to your arsenal
Assessing Routers – Router scanning analysis, iptables network analysis
Evaluating switches – VLAN Hopping attacks, GARP attacks, Layer two attacks
Working with Virtual Switches Evasion
Pentesting and Exploiting Linux Systems
Pentesting and Exploiting Windows Systems
Client Side Exploitation – Backdooring Executable Files, Attacking a System using Hostile Scripts
Faster and smarter password cracking
Custom network protocol manipulation

DAY 2

Exploit routing protocol implementations
Bypass different types of Network Access Control (NAC) implementations
Firewalls – Mapping beyond firewall, Firewall identification, Evading Firewalls
Intrusion Detection System / Intrusion Prevention System (IDS/IPS) – IDS/IPS identification, Evading IDS/IPS
Antivirus – Bypassing antivirus using different frameworks, evading detection and blocks from the different endpoint protection mechanisms that you may encounter during your testing, generating a compiled Python executable from the raw shellcode from the Veil framework
Using port forwarding, pivoting and tunneling to reach another network in real-world pentests
Identification and Enumeration of internal network hosts
Write Python scripts to automate testing
Detection of Web Application Firewall and Load Balancers
Bypassing Web Application Firewalls (WAF) – Tricks to Penetrate Firewall
Shellcoding and customizing existing shellcodes
Web app attacks – Advanced Cross-Site Scripting (XSS) – XSS to system compromise, Advanced SQL Injections – SQL Injection to system compromise, RCE, File uploads and more.

DAY 3

Windows Domain Attacks – Modern Enumeration of Windows Environments, Controlling the Domain, Authentication Protocol Downgrade Attacks, Breaking from Restricted Desktops
Kerberos Attacks – Pass-the-Hash, Pass-the-Tickets, Golden tickets, Silver tickets etc.
Active Directory Exploitation
Windows API Exploitation
Bypassing Windows User Account Control (UAC)
Using PowerShell in Post Exploitation Scenario
Privilege Escalation
Fingerprinting and Attacking CMS – WordPress, Drupal, Joomla
Database Hacking – MySQL, SQL Server, MongoDB, Postgres, Oracle
Insecure System/Service configuration – FTP, NTP, VNC, SNMP, WebDav, Samba etc.
System Vulnerabilities – SMTP, SNMP, SSH
Recent Vulnerabilities – Shellshock vulnerability, Heartbleed vulnerability, POODLE vulnerability, JSON Web Token, Padding Oracle
Attacking Secure Socket Layer – SSL downgrade attacks, Overcoming SSL transport encryption security with SSLStrip, SSL 2.0
Advanced memory scanning techniques
DLL Injection
Credential Replay Attacks
Shellcoding

Writing your own shellcode for Bind and Reverse TCP, Egg Hunter etc.
Use and modify 3rd party shellcode for fun and profit
Write your own Encoders, Decoders, Crypters to evade AntiVirus

Create Polymorphic and Mutation code
Build Command and Control (C2) infrastructure for stealth, Remote File Access, Remote Command Execution