Training

Education is the most powerful weapon which you can use to change the world

Having trained thousands of students on the art of network and application exploitation for the past decade, it's safe to say we enjoy teaching others how to own networks and applications. Our courses are developed from the work we perform for clients, so that you get a better understanding of how to exploit real-world scenarios.

Infrastructure

Infrastructure

Targeting and owning internal networks is as popular as it has ever been. Internal networks are attractive to attackers as they are often the least secure of a companies infrastructure. This course mimics what attackers and criminals are doing - compromising networks and hunting down key players and information.

Course outline

Exploit and control common architecture and network deployments

This hands-on course looks at the methods and approaches attackers take when targeting organisations. Each student will have a fully functional network, simulating an organization, with a target rich environment geared towards hacking with no bounds. Your aim will be to think like an attacker and map out your target, find weaknesses and fully exploit trust relationships in place. Using scenarios along with presentations, this course is a healthy mix of thinking, strategies and the methodologies you might need for every step along the way. You will leave this course knowing what tools and techniques hackers use in the wild, and with a deep enough understanding to defend your organization against them.

Owning the network

Seeing the wood for the trees is key when targeting networks. Foot printing and fingerprinting your target is often overlooked. This module delves into the most efficient ways to enumerate targets, discover vulnerabilities and succesfully exploit them.

Course Syllabus

The training course will pay specific attention to the following topics:

  • Perform reconnaissance against your target
  • Footprinting and fingerprinting
  • Technical exploitation
  • You've found a way in, now what?
  • Attribution - hiding in the shadows
  • Post exploitation - Passwords, tokens, data and more
  • Moving Laterally - Compromising other hosts
  • Attacking active directory
  • Hunting down mission critical systems and key players
  • Cracking passwords and getting into corporate emails
  • Exfiltration techniques

SensePost Training Portal

We've developed a training portal for students to interact with the trainers, keep updated on content and also download all files, slides and tools delivered during the course. This portal is made available to all students, even when the course has finished. In addition, we've moved our training infrastructure into our own cloud, which means students get their own individual environments to test against, making use of VPN's and numerous targets. This gives a fully immersive experience of attacking real-world architecture and networks.

Who should take this course?

This course is ideal for those wanting to learn how attackers are gaining access to networks, penetration testers who are new to network penetration testing, and/or those who wish to brush up on effective ways to own companies from the net and internally.

The course is also ideal for administrators who want to defend against these attacks. The hands-on nature of the course ensures that you will be familiar enough with the tools and techniques that you'll be able to verify whether your organization is vulnerable, and how to defend yourself if you are

Location & Time

Will be discussed

Our courses are delivered publicly by our training partner Blackhat. For further information on the next public course, please visit Blackhat.com. If you wish to have In-house training, please get in touch with our sales team to discuss further.