Education is the most powerful weapon used to change the world

Having trained thousands of students on the art of network and application exploitation for the past decade, it's safe to say we enjoy teaching others how to own networks and applications. Our courses are developed from the work we perform for clients, so that you get a better understanding of how to exploit real-world scenarios.

Enterprise Infrastructure Hacking

Enterprise Infrastructure Hacking

Internal networks are attractive to attackers as they are often the least secure component of a company’s infrastructure. This hands-on course mimics what attackers and criminals are doing – compromising networks, hunting down key accounts and business-critical information. The student will be trained in the methods and approaches taken when performing internal and external network penetration tests in a fully functional lab.

Course Details

This course is all about compromising companies through their infrastructure. It will take you on a journey from learning about an organisation right through to stealthy exploitation of their critical infrastructure. This is aimed at beginner penetration testers or technically minded people wanting to understand how to go about compromising their organisation to better defend it. This is a follow on from our Hands-On Hacking Fundamentals course.

The course has a narrative starting with understanding your target, moving through initial compromise, then post exploitation and lastly going after the crown jewels.

More specifically, it will cover topics such as:

  • Introduction to a hacking methodology, how to repeatably compromise organisations without merely relying on common tricks.
  • Organisation OSINT, understanding the business, how that is represented by their technology and how to examine it.
  • Finding targets and understanding what you are likely to get from pursuing them. How to identify common and uncommon paths to the internal network as well as poorly secured targets the IT team may not know about.
  • Discovering the technology and architecture used by the targets, and what attack approaches these require, as well as how to balance your time to optimise for compromise.
  • Identify vulnerabilities in protocols such as SMB and RDP and how to exploit them to obtain access to different systems.
  • Privilege escalation, PowerShell/C# local exploits, password cracking and more.
  • Collection and review of an Active Directory environment using Bloodhound. Usage of techniques such as Pass-the-Hash, Pass-the-Ticket, Discretionary Access Control Lists abuse and more.
  • An introduction to red teaming and the differences in approach.
  • A practical introduction to detecting actions performed in the previous phases.

Course Content

Exploit and control common architecture and network deployments

This hands-on course looks at the methods and approaches attackers take when targeting organisations. Each student will have a fully functional network, simulating an organization, with a target rich environment geared towards hacking with no bounds. Your aim will be to think like an attacker and map out your target, find weaknesses and fully exploit trust relationships in place. Using scenarios along with presentations, this course is a healthy mix of thinking, strategies and the methodologies you might need for every step along the way. You will leave this course knowing what tools and techniques hackers use in the wild, and with a deep enough understanding to defend your organization against them.

Owning the network

Seeing the wood for the trees is key when targeting networks. Foot printing and fingerprinting your target is often overlooked. This module delves into the most efficient ways to enumerate targets, discover vulnerabilities and succesfully exploit them.

Course Syllabus

The training course will pay specific attention to the following topics:

  • Perform reconnaissance against your target
  • Footprinting and fingerprinting
  • Technical exploitation
  • You've found a way in, now what?
  • Attribution - hiding in the shadows
  • Post exploitation - Passwords, tokens, data and more
  • Moving Laterally - Compromising other hosts
  • Attacking active directory
  • Hunting down mission critical systems and key players
  • Cracking passwords and getting into corporate emails
  • Exfiltration techniques

SensePost Training Portal

We've developed a training portal for students to interact with the trainers, keep updated on content and also download all files, slides and tools delivered during the course. This portal is made available to all students, even when the course has finished. In addition, we've moved our training infrastructure into our own cloud, which means students get their own individual environments to test against, making use of VPN's and numerous targets. This gives a fully immersive experience of attacking real-world architecture and networks.

Who should take this course?

This course is ideal for those wanting to learn how attackers are gaining access to networks, penetration testers who are new to network penetration testing, and/or those who wish to brush up on effective ways to own companies from the net and internally.

The course is also ideal for administrators who want to defend against these attacks. The hands-on nature of the course ensures that you will be familiar enough with the tools and techniques that you'll be able to verify whether your organization is vulnerable, and how to defend yourself if you are


If you wish to have training, please get in touch with our sales team to discuss further.