About the course
Hacking Enterprises: Understanding in.security (including complementary hackpack and 14-day lab access)
Our basic/intermediate course covers a lot of popular topics and the content is structured in a way that allows you to fully understand how small pieces of information may allow an attacker access to critical infrastructure.
This course is an intensive 5-day hands-on experience, where each topic is accompanied by practical exercises ensuring that underlying theory is reinforced by practical understanding and application. This course is ideal for system administrators, network engineers, information security professionals or anyone that wants to improve their technical security skills and advance within the expanding cyber security sector.
Day 5 of the course is the practical exam. This is a 'capture the flag' style assessment and passing the exam will award the following levels of certification:
- 65% + is awarded the 'Student in.security' certification
- 85% + is awarded the 'Master in.security' certification
Why Train With Us?
Aside from the fact that your trainers have taught at Black Hat USA/Asia/EU 2016/17/18, attending this course will also get you free tech swag! Your complementary hackpack will include:
- A customised Raspberry Pi based on Kali Linux
- Keyboard and mouse
- 14-days lab access after training concludes
- 14-days access to our Slack training support channel
Syllabus
- An introduction into infrastructure and application security assessments
- An introduction into monitoring and alerting
- Understanding the importance of and leveraging OSINT activities
- Discovering, targeting and enumerating IPv4 and IPv6 hosts in local and remote networks
- Exposure to vulnerability assessment toolsets
- Identifying and exploiting vulnerabilities
- Client-side attacks and targeting users in simulated phishing tests
- Executing effective post-exploitation tasks
- P@ssw0rd cracking 101
- Lateral movement and pivoting techniques (routing, tunnelling and SOCKS proxies)
- Understanding and abusing domain trusts to compromise the enterprise
- Gaining persistence in the environment
Technical Requirements
- Students will need to have administrative/root access on their laptops running either Windows, Linux or Mac operating systems
- Students will need to have access to (or install) a RDP client and the OpenVPN client
- The class will require stable internet access as the LABs are accessed via a VPN (TCP 443)
What You'll Learn
- We provide in-lab access to popular vulnerability scanners, phishing platforms, operating systems and hacker toolsets
- We provide detailed theory content, and back this up with thorough practical exercises that are accessible via our cloud-based labs
- We provide an additional 14-day complementary lab access to all students, so they can continue to practise after the class
- All content (slides, exercise material, walkthrough guides) will be provided to students in PDF form