3-DAY TRAINING 5 – Pentesting & Exploiting Highly Secured Enterprise Networks

DURATION: 3 DAYS

CAPACITY: 20 pax

SEATS AVAILABLE: REGISTRATION CLOSED


EUR2599 (early bird)

EUR2999 (normal)

Early bird registration rate ends on the 12th of January


Overview

Pentesting and Exploiting Highly Secured Enterprise Networks is an action-packed hands-on class giving attendees a chance to perform real-world exploitation on enterprise network scenarios accompanied with practical lab exercises in a CTF style formart. The course goes far beyond simple exploitation of low-hanging fruits and shows pentesters how to perform the abilities of an advanced attacker to find out flaws in a secured networks and calculate the business risk associated with these flaws.

This training is intended for senior/experienced pentesters. Just running a vulnerability scanner and submitting that as your report provides no real benefit to a company. This goes far beyond your traditional pentesting courses. Real-world Enterprise Networks are much complex in nature, needing your special attention choosing the techniques and tools that you use in order to infiltrate. A senior penetration tester must succeed when others fail. A senior pentester doesn’t give up when particular exploit is not working, he tries to analyse the exploit and make some modification those are necessary. He should think outside of the box and come up with solutions to complex problems. He must have knowledge of all domains and his skill should range from network attacks, web attacks, scripting to system exploitation.

This training is a result of years of pentesting experience, compromising some of the highly secured networks combined into one practical and hands-on class. This course provides in-depth knowledge of the most powerful attack vectors and provides labs to perform these attacks in numerous hands-on scenarios. The course will walk through dozens of real-world attacks used by the most seasoned penetration testers. Since the class is extremely practical, expect to pop a lot of shells during the attack. The training class has a number of targets and you’ll be exploiting both Windows and Linux platforms.

We also cover topics including Exploiting private networks, Writing own python exploits, Shellcoding for customizing exploits, attacking Databases, chaining multiple vulnerabilities together to exploit the system and more. The class also gives attendees a hands-on experience with “popular” vulnerabilities such as Shellshock, Heartbleed, POODLE, Padding Oracle, JSON Web Token, SSLStrip, Kerberos Attacks (Pass-the-Hash, Pass-the-Tickets, Golden tickets, Silver tickets etc.) and more.

Attendees will be provided with hands-on experience into techniques currently used by hackers to bypass network-based enterprise intrusion detection and prevention systems (IDS/IPS), proxies, DLP, DMZ Web-application Firewalls (WAF). We will use case studies of Machine Learning for detection and evasion of IDS/IPS, AV etc. Attendees will learn learn advanced evasion techniques of corporate host-based countermeasures including antivirus, UAC by developing custom backdoors, payloads into protected enterprise networks. The training includes 50+ labs and 30+ challenges which are inspired by real world vulnerabilities and case studies.

We will build Command and Control (C2) because network intrusion may be detected and compromised system can be patched, some exploits only work once, to survive the reboot. C2 will be Stealth to avoid detection by IDS, persistence to survive reboot, encryption for secure communication and minimising possibility of firewall interference.

After the training attendees will get 1 month remote lab access free with additional 20 challenges and 5+ hours of HD videos of training walkthrough. Also before the 1 month of training, attendees will get videos on basic Assembly Language and Python Scripting which will help them in class.

Who Should Attend

  • Pentesters who want to take their skills to the next level
  • Security Professionals
  • Network / System Admins

Key  Learning Objectives

  • Python programming for Scanning, Fuzzing, Keylogging, Sandbox detection etc
  • Learn to use custom code in post exploitation to bypass firewall, IDS/IPS and to evade Anti Virus
  • Write your own custom encoders using shellcoding
  • Learn to write Python DLL Injector which will allow us to load code into remote process and have it execute within process’ context to evade firewall
  • Read, edit, modify, execute scripts / shellcode downloaded from internet
  • Learn how to port exploit using Powershell
  • Build Command and Control (C2) infrastructure using different payload delivery methods such as VBA, Client-side exploits, HTML etc.

Preequisite Knowledge

  • Basic Networking knowledge
  • Basic Windows and Linux command-line Skills
  • Penetration Testing Experience
  • Basic Assembly Language knowledge (Videos will be provided 1 month before the training)
  • Scripting knowledge in Python (Videos will be provided 1 month before the training)

Hardware / Software Requirements

  • Modern laptop with wireless networking capabilities and have admin/root access on it. (64-bit Machine)
  • Minimum 4 GB RAM installed
  • At least 40 GB HD Free
  • VMware Workstation / Fusion installed

Agenda

DAY 1

  • Advanced Information Gathering, Network Scanning, Enumeration, Stealth Scanning Strategies
  • Threat Modelling
  • Simulating Advanced Persistent Threat (APT)
  • Spoofing Based Attacks
  • Multiple techniques for gaining man-in-the-middle network access
  • IPv4 and IPv6 attacks for pentesters
  • Attacking an IPSec Virtual Private Network
  • Exploiting vulnerabilities in communication protocols
  • Adding custom Nmap scripts to your arsenal
  • Assessing Routers – Router scanning analysis, iptables network analysis
  • Evaluating switches – VLAN Hopping attacks, GARP attacks, Layer two attacks
  • Working with Virtual Switches Evasion
  • Pentesting and Exploiting Linux Systems
  • Pentesting and Exploiting Windows Systems
  • Client Side Exploitation – Backdooring Executable Files, Attacking a System using Hostile Scripts
  • Faster and smarter password cracking
  • Custom network protocol manipulation

DAY 2

  • Exploit routing protocol implementations
  • Bypass different types of Network Access Control (NAC) implementations
  • Firewalls – Mapping beyond firewall, Firewall identification, Evading Firewalls
  • Intrusion Detection System / Intrusion Prevention System (IDS/IPS) – IDS/IPS identification, Evading IDS/IPS
  • Antivirus – Bypassing Antivirus using different framework, Evading detection and blocks from the different endpoint protection mechanisms that may encounter during your testing, Generating compiled python executable from the raw the shellcode from Veil framework
  • Using Port forward, Pivoting and Tunneling to reach out another network in real-world pentests
  • Identification and Enumeration of internal network hosts
  • Write Python scripts to automate testing
  • Detection of Web Application Firewall and Load Balancers
  • Bypassing Web Application Firewalls (WAF) – Tricks to Penetrate Firewall
  • Shellcoding and customizing existing shellcodes
  • Web app attacks – Advanced Cross-Site Scripting (XSS) – XSS to system compromise, Advanced SQL Injections – SQL Injection to system compromise, RCE, File uploads and more.

DAY 3

  • Windows Domain Attacks – Modern Enumeration of Windows Environments, Controlling the Domain, Authentication Protocol Downgrade Attacks, Breaking from Restricted Desktops
  • Kerberos Attacks – Pass-the-Hash, Pass-the-Tickets, Golden tickets, Silver tickets etc.
  • Active Directory Exploitation
  • Windows API Exploitation
  • Bypassing Windows User Account Control (UAC)
  • Using PowerShell in Post Exploitation Scenario
  • Privilege Escalation
  • Fingerprinting and Attacking CMS – WordPress, Drupal, Joomla
  • Database Hacking – MySQL, SQL Server, MongoDB, Postgres, Oracle
  • Insecure System/Service configuration – FTP, NTP, VNC, SNMP, WebDav, Samba etc.
  • System Vulnerabilities – SMTP, SNMP, SSH
  • Recent Vulnerabilities – Shellshock vulnerability, Heartbleed vulnerability, POODLE vulnerability, JSON Web Token, Padding Oracle
  • Attacking Secure Socket Layer – SSL downgrade attacks, Overcoming SSL transport encryption security with SSLStrip, SSL 2.0
  • Advanced memory scanning techniques
  • DLL Injection
  • Credential Replay Attacks
  • Shellcoding
    • Writing your own shellcode for Bind and Reverse TCP, Egg Hunter etc.
    • Use and modify 3rd party shellcode for fun and profit
    • Write your own Encoders, Decoders, Crypters to evade AntiVirus
  • Create Polymorphic and Mutation code
  • Buid Command and Control (C2) infrastructure for stealth, Remote File Access, Remote Command Execution

TRAININGS
Location: Training Rooms Date: April 9, 2018 Time: 9:00 am - 6:00 pm Vikram Salunke