Join us for a 2 day weekend workshop in the LA area!
Course Description
This 2 day hands-on, focused course is designed to get you started with penetration testing/red teaming and then take your attack skills to the next level with guidance from an experienced full-time penetration tester. Featuring a multi-level network with more than 30 vulnerable systems that incorporates multiple Windows domains, Unix variants, and OSI layer 2 & 3 (Cisco switch) exploitation, the class will also give each student a video of the class, and walkthroughs for each target to take home. Students will be guided through the phases of exploitation using lecture, demonstrations, and practical exercises for each topic. Covering practical exploitation strategies, Metasploit, antivirus evasion, privilege escalation, and Windows domain exploitation, this course is a “must have” for anyone in the information security industry.
Student Prerequisites
In order to be successful, students should have a basic understanding of IP networking, as well as the Linux and Windows command-line. Students will need to have a 64bit system capable of booting from an external USB drive and a working ethernet port supported by Kali Linux.
Course Objectives
The course will teach students the fundamentals of exploitation and the practical approaches to attacking a system or group of systems using lecture, visual, and hands-on learning. At the end of the course the student will have a solid understanding of the penetration testing cycle and will be able to conduct all phases independently.
Training Outline
This course focuses on a practical approach to penetration testing and exploitation. The course is progressive and starts by giving the student a solid understanding of the fundamentals of exploitation. It will then go on to more advanced exploitation where multiple vulnerabilities are combined to gain access. It guides students through various reconnaissance and attack techniques using lecture, demonstrations, and practical exercises in a live environment.
Day 1
- Review
- Shells, IP/networking
- Penetration testing methodology/exploitation cycle
- Reconnaissance with nmap
- Identifying vulnerabilities
- Exploitation without exploits, Metasploit basics, and using public exploit code
- Exploitation hands-on lab 1 (Apprentice Level)
- Exploitation hands-on lab 2 (Apprentice Level)
- Exploitation hands-on lab 3 (Journeyman Level)
Day 2
- Exploitation hands-on lab 4 (Journeyman Level)
- Post exploitation (Metasploit, lateral movement, reusing credentials, password cracking, pass the hash)
- Elevating privileges in Unix and Windows
- Evading antivirus
- Attacking Windows domains (Kerberos abuse, pass the ticket, golden & silver tickets, responder)
- Attacking Cisco switches (layer 2/3 attacks)
- Exploitation hands-on lab 5 (Journeyman Level)
- Exploitation hands-on challenge labs (4 networks & 30+ targets)
Student take-home items
- Video of the class
- Slides from the class
- Cheat sheets
Interested? Sign up!