IT infrastructure is more complex and dynamic than it’s ever been demanding comprehensive, up-to-date, and well-rehearsed security skills to match. Join this, hands-on 5-day course to push your infrastructure hacking to the next level and widen your career prospects. Get your hands dirty with our popular virtual labs and learn from experienced, practicing penetration testers with a legacy of training at Black Hat.
Interested in attending? Have a suggestion about running this event near you?
Register your interest now
Description
As different on-premise and cloud environments shapeshift and converge, the practice of infrastructure security is becoming more complex. Organisations and their security teams can no longer afford to understand the overarching attack surface at a high level. Nor can they rely on the same security practices that worked in the past. What’s needed is a thorough, contextual understanding of how and why your architecture and systems get targeted by threat actors, which are at risk, and what happens when those attacks succeed. Our Advanced Infrastructure Hacking course provides delegates with this knowledge and more, by giving them an up-to-date arsenal of advanced offensive testing and remediation skills. Our syllabuses are revised regularly to reflect the latest in-the-wild hacks and whatever proof of concepts we’ve been developing through our own research. Because they remain so up to date with the threat landscape and security industry standard, many delegates return every 1-2 years to update their skills and get a refresh.
What’s in the syllabus
IPV4/IPV6 SCANNING AND OPEN-SOURCE INTELLIGENCE GATHERING (OSINT)
IPv6 service discovery and enumeration
Exploiting systems/services over IPv6
Host discovery and enumeration
Advanced OSINT and asset discovery
Exploiting DVCS and CI-CD server
HACKING DATABASES
PostgreSQL / MySQL
Oracle
NoSQL
WINDOWS EXPLOITATION
Windows enumeration and configuration Issues
Windows desktop breakout and AppLocker bypass techniques (Win 10)
Local privilege escalation
Windows Antivirus
Offensive PowerShell /Offsec Development
AMSI bypass Techniques
AV Evasion Techniques
Post-exploitation Tips, Tools, and Methodology
ACTIVE DIRECTORY ATTACKS
Active Directory delegation reviews and pwnage (Win 2016 Server)
Pass the hash/ticket
Cross domain and forest attacks
Pivoting, port forwarding, and lateral movement techniques
Persistence and backdooring techniques (Golden and Diamond Ticket)
Command and Control (C2) frameworks
LINUX
Linux vulnerabilities and configuration issues
Treasure hunting via enumeration
File share/SSH Hacks
X11 Vulnerabilities
Restricted shells breakouts
Breaking hardened web servers
Local privilege escalation
MongoDB exploitation
TTY “Teletype” hacks and pivoting
Gaining root access via misconfigurations
Kernel exploitation
Post exploitation
Persistence techniques
CONTAINER BREAKOUT
Kerberos authentication
Breaking and abusing Docker
Exploiting Kubernetes vulnerabilities
Breaking out of Kubernetes containers
CLOUD HACKING
AWS, MS Azure, and GCP specific attacks
Storage misconfigurations
Credentials, APIs, and token abuse
Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), Container as a Service (CaaS), and serverless exploitation
Azure AD attacks
Exploiting insecure VPN configuration
VLAN hopping attacks
Audience
This course is suitable for in-house security teams from intermediate to advanced. It’s also relevant to other security and IT practitioners and managers who want to understand the current threat landscape and defend their organization.
Delegates must have the following to make the most of the course:
- Intermediate knowledge of infrastructure application security (at least 2 years’ experience)
- Common command line syntax competency
- Experience using virtual labs for pentesting and/or offensive research
Prerequisites
What you’ll learn
This course uses a Defence by Offence methodology based on real world engagements and offensive research (not theory). That means everything we teach has been tried and tested on live environments and in our labs, so you can put it into practice as soon as the training is over. By the end of the course, you’ll know:
- How to think and behave like an advanced, real world threat actor
- How to identify commonly used vulnerabilities known to have recently caused damage and disruption
- How to deploy the latest and most common network infrastructure and cloud hacks, (including many novel techniques that can’t be detected by scanners)
- How to analyse vulnerabilities within your own organisation and customise your hacking techniques in