• NULLCON Online Training
  • November 2020
  • Advanced Infrastructure Security Assessment

Advanced Infrastructure Security Assessment

Omair

register Now
Omair

Trainer Name: Omair
Title: Advanced Infrastructure Security Assessment
Duration: 4 Days
Dates: 07th - 10th November 2020
Time: 10:00 AM to 2:00 PM IST
Delivery Mode: via Zoom.us and Discord Platform



Course Content

  • Exploiting network service to gain foothold
    • Discover network services
    • Try exploitation with public tools
    • Customize public exploit to gain access
  • Pivoting Lab
    • Pivoting using Meterpreter and SOCKS Tunnel
    • Proxy Chains
    • Discovering and exploiting internal network
  • Hacking the Evil Corp
    • Discover apps and services
    • Exploit configuration weaknesses for information gathering Exploit workstations
    • Exploit custom services
  • Windows Domain Exploitation
    • Network discovery and gaining entry to domain
    • Credential extraction from memory
    • Active Directory enumeration
    • Kerberos attacks
      • Pass the Ticket
      • Kerberoasting
  • Domain privilege escalation
  • Lateral Movement
    • PsExec / WMIExec with Hash / Ticket (PtH / PtT)
    • Golden Tickets
  • Enterprise services exploitation
    • Symantec BackupExec
    • Symantec Messaging
    • Gateway Microsoft Exchange
    • Oracle Database Server

Prerequisites

  • Experience with vulnerability assessment and penetration testing
  • Familiarity with web application security vulnerabilities
  • Basic knowledge of TCP / IP network protocol
  • Familiarity with virtualization tools like VMware / VirtualBox

What To Expect

  • Exposure to infrastructure penetration testing tools and techniques
  • Exploiting enterprise network
  • Live real-life scenarios
  • Multi vector attacks
  • Exploiting configuration vulnerabilities
  • Capture the Flag (CTF) to test skills

What To Bring

  • A laptop with administrator privileges
  • Minimum 50 GB of free hard disk space
  • Minimum 4 GB RAM for virtual machines
  • Laptop should have a ethernet and wifi capability
  • VM Player or VMWare Workstation installed

About Trainer

Omair has over eight years of experience in penetration testing, vulnerability assessment and network security. He has been responsible for maintaining a secure network for mission critical applications. His area of work includes Vulnerability Assessment, Security Audits, Penetration Test, Source Code Reviews and Trainings.

He was led penetration tester for various clients in the telecom, retail, government and banking sector based in India, Saudi, Morocco, Mauritius, UAE, Kuwait, Oman and Bahrain with a team size varying from 5-8 members.

He has also published security advisories pertaining to various vulnerabilities in commonly used software like Excel, Real Player, Internet Explorer and Chrome. His area of expertise includes Vulnerability Research, Reverse Engineering and Fuzzing. Some of the latest CVE’s reported by him CVE-2015-1240, CVE-2015- 1668, CVE-2015-0043, CVE-2015-0042, CVE-2014-4128, CVE-2014-6354, CVE-2014-4145, CVE-2014- 4050, CVE-2014-1772, CVE-2014-0313, and CVE-2014-0263.

Omair has various industry certification under his name.

  • OSCP Offensive Security Certified Professional
  • CEH Certified Ethical Hacker
  • RHCE Red Hat Certified Engineer
  • VCP VMware Certified Professional
  • JNCIS-JES Juniper Networks Certified Internet Specialist, Enhanced Services
  • JNCIA-EX Juniper Networks Certified Internet Associate, Enterprise
  • IBM Certified System Expert - System x Blade Centre Technical Switching Support V5
  • IBM IBM System x Technical Principles V9
  • HP Accredited Platform Specialist - Proliant ML / DL Servers

Copyright © 2019-20 | Nullcon India | International Security Conference | All Rights Reserved