As different on-premise and cloud environments shapeshift and converge, the practice of infrastructure security is becoming more complex. Organisations and their security teams can no longer afford to understand the overarching attack surface at a high level. Nor can they rely on the same security practices that worked in the past. What’s needed is a thorough, contextual understanding of how and why your architecture and systems get targeted by threat actors, which are at risk, and what happens when those attacks succeed. Our Advanced Infrastructure Hacking course provides delegates with this knowledge and more, by giving them an up-to-date arsenal of advanced offensive testing and remediation skills.
Our syllabuses are revised regularly to reflect the latest in-the-wild hacks and whatever proof of concepts we’ve been developing through our own research. Because they remain so up to date with the threat landscape and security industry standard, many delegates return every 1-2 years to update their skills and get a refresh.
What’s in the syllabus
IPV4/IPV6 SCANNING AND OPEN-SOURCE INTELLIGENCE GATHERING (OSINT)
- IPv6 service discovery and enumeration
- Exploiting systems/services over IPv6
- Host discovery and enumeration
- Advanced OSINT and asset discovery
- Exploiting DVCS and CI-CD server
HACKING DATABASES
- PostgreSQL / MySQL
- Oracle
- NoSQL
WINDOWS EXPLOITATION
- Windows enumeration and configuration Issues
- Windows desktop breakout and AppLocker bypass techniques (Win 10)
- Local privilege escalation
- Windows Antivirus
- Offensive PowerShell /Offsec Development
- AMSI bypass Techniques
- AV Evasion Techniques
- Post-exploitation Tips, Tools, and Methodology
ACTIVE DIRECTORY ATTACKS
- Active Directory delegation reviews and pwnage (Win 2016 Server)
- Pass the hash/ticket
- Cross domain and forest attacks
- Pivoting, port forwarding, and lateral movement techniques
- Persistence and backdooring techniques (Golden and Diamond Ticket)
- Command and Control (C2) frameworks
LINUX
- Linux vulnerabilities and configuration issues
- Treasure hunting via enumeration
- File share/SSH Hacks
- X11 Vulnerabilities
- Restricted shells breakouts
- Breaking hardened web servers
- Local privilege escalation
- MongoDB exploitation
- TTY “Teletype” hacks and pivoting
- Gaining root access via misconfigurations
- Kernel exploitation
- Post exploitation
- Persistence techniques
CONTAINER BREAKOUT
- Kerberos authentication
- Breaking and abusing Docker
- Exploiting Kubernetes vulnerabilities
- Breaking out of Kubernetes containers
CLOUD HACKING
- AWS, MS Azure, and GCP specific attacks
- Storage misconfigurations
- Credentials, APIs, and token abuse
- Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), Container as a Service (CaaS), and serverless exploitation
- Azure AD attacks
- Exploiting insecure VPN configuration
- VLAN hopping attacks
Note: our syllabuses are subject to change based on new vulnerabilities found and exploits released.
Course highlights
What delegates love:
- Our labs: probably the biggest selling point for our courses. Not only will you spend most of the course hacking hands-on in a lifelike web environment.
- Individual access: you’ll have your own infrastructure to play with, enabling you to hack at your own speed.
- Real-world learning: where many of the leading cybersecurity training courses are based on theory, our scenario-led, research-based approach ensures you learn how real threat actors think and behave.
- Specialist-led training: you’ll learn from highly skilled and experienced practicing penetration testers and red teamers.
- Up-to-date content: our syllabus remains so relevant and current, delegates come back year on year for more.
- Remediations included: you’ll learn how to fix as well as find vulnerabilities.
- Course topics: our cloud and AD modules are a favourite.
