.
Select Search Category

Advanced Infrastructure
Hacking

Whether you are penetration testing, Red Teaming or trying to get a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques is critical. This course covers a wide variety of neat, new and ridiculous techniques to compromise modern Operating Systems and networking devices.

While prior pentest experience is not a strict requirement, familiarity with both Linux and Windows command line syntax will be greatly beneficial.

The syllabus
for the class:
1
Day
  • IPv4/IPv6 Basics
  • Exploiting systems/services over IPv6
  • Host Discovery & Enumeration
  • Advanced OSINT & Asset Discovery
  • Exploiting DVCS and CI-CD Server
  • Hacking Databases: PostgreSQL/MySQL, Oracle, NoSQL
  • Exploiting De-Serialization Vulnerabilities: Java, PHP, Python
2
Day

Windows Exploitation including:

  • Windows Desktop 'Breakout' and AppLocker Bypass Techniques (Win 10)
  • Local Privilege Escalation
  • Offensive PowerShell Tools and Techniques

Active Directory Attacks including:

  • Delegation Reviews and Pwnage (Win 2012 server)
  • Pass the Hash/Ticket •
  • Pivoting, Port Forwarding and Lateral Movement Techniques
3
Day
  • Linux Vulnerabilities
  • Treasure hunting via enumeration
  • File Share/SSH Hacks
  • X11 Vulnerabilities
  • Restricted Shells Breakouts
  • Breaking Hardened Web Servers
  • MongoDB exploitation
  • TTY hacks, Pivoting
  • Gaining root via misconfigurations
  • Kernel Exploitation
4
Day
  • Cloud and Containers Vulnerabilities
  • Breaking and abusing Docker
  • Kubernetes vulnerabilities
  • AWS/Azure/GCP specific attacks
  • Credentials, API's and token Abuse
  • IaaS, PaaS, SaaS, CaaS and Serverless exploitation
  • Azure AD attacks
  • Exploiting Insecure VPN Configuration
Session FAQ

System Administrators, SOC analysts, Penetration testers, network engineers, security enthusiasts and anyone who wants to take their skills to the next level.

While prior pentest experience is not a strict requirement, familiarity with both Linux and Windows command line syntax will be greatly beneficial. A further hands-on experience with common hacking tools such as Metasploit will also be beneficial, although, less advanced users can work their way up during the 30 days of complimentary lab access provided as part of the class.

The only requirement for this class is that you must bring your own laptop and have admin/root access on it. During the class, we will give you VPN access to our state-of-art hacklab which is hosted in our data-center in the UK. Once you are connected to the lab, you will find all the relevant tools/VMs there. We also provide a dedicated Kali VM to each attendee on the hacklab. So, you don't need to bring any VMs with you. All you need is admin access to install the VPN client and once connected, you are good to go!

Access to a hacking lab not just during the course but for 30 days after the class too. This gives students plenty of time to practice the concepts taught in the class. The lab contains a wide variety of challenges from local privilege escalation to VLAN hopping etc. Numerous scripts and tools will also be provided during the training, along with student handouts.

Our courses also come with detailed answer sheets. That is a step by step walkthrough of how every exercise within the class needs to be solved. These answer sheets are also provided to students at the end of the class.

Anthony Webb