Training Objectives

Security systems are evolving and becoming more complex, and so are hacking techniques. Every successful compromise of the network infrastructure has to evade multiple layers of security in a perfect sequence. Imagine yourself in an environment with diverse operating systems, servers, and applications with legacy as well as in-house developed products and security solutions such as firewalls, AV, etc. How do you plan to go ahead and pwn them all?

Learn to exploit and compromise targets where Metasploit will not work by default. Look inside the exploit code, and tweak them to make it work against your targets. Perform a wide array of tricks to discover, enumerate, and pwn services, systems, and domain controllers. Move around in an enterprise network with Active Directory. Analyse and exploit enterprise software components.

NOTE: This is an advanced training program. The participants are expected to be familiar with network services vulnerability assessment and penetration testing, including basic ideas about vulnerabilities and their exploitation techniques.

Training level: Advanced

Training Outlines

Day-1

Exploiting network service to gain a foothold
- Discover network services
- Try exploitation with public tools
- Customize public exploit to gain access
Pivoting Lab
- Pivoting using Meterpreter and SOCKS Tunnel
- Proxychains, Sliver, Chisel
- Discovering and exploiting internal network
Hacking the Evil Corp
- Discover apps and services
- Exploit configuration weaknesses for information gathering
- AV Evasion

Day-2

Windows Domain Exploitation
- Network discovery and gaining entry to the domain
- Credential extraction from memory
- Active Directory enumeration
- Kerberos attacks
  - Pass the Ticket
  - Kerberoasting
Domain privilege escalation
Lateral Movement
- PsExec / PSSession with Hash / Ticket (PtH / PtT)
- Golden Tickets
- DCSync

Day-3

More Lateral Movement
- ACL Abuse
- Delegation
  - Unconstrained
  - Constrained
  - Resource Based Constrained Delegation
Enterprise services exploitation
- Symantec BackupExec
- Symantec Messaging
- Gateway Microsoft Exchange

What to Bring?

A laptop with administrator privileges
Minimum 50 GB of free hard disk space
Minimum 4 GB RAM for virtual machines
A laptop should have ethernet and wifi capability (Adapters for Ethernet Connectivity).
VM Player or VMWare Workstation installed
Administrative rights on the laptop to disable AV.
GitHub ID

Training Prerequisite

Experience with vulnerability assessment and penetration testing
Familiarity with web application security vulnerabilities
Basic knowledge of TCP / IP network protocol
Familiarity with virtualization tools like VMware / VirtualBox

Who Should Attend

Penetration Tester
Security Analyst
Security Engineer

What to Expect?

Exposure to infrastructure penetration testing tools and techniques
Exploiting enterprise network
Live real-life scenarios
Multi vector attacks
Exploiting configuration vulnerabilities

What attendees will get

There will be a lab manual provided at the end of the course, which can be used as a cheat sheet in real-life engagements.

What not to expect?

The labs used during the course are not provided/accessible after the training.

TRAINING