Only 5 days
Classroom
21/10/2024 (Monday)
Overview
On this 5-day accelerated Advanced Infrastructure Hacking course, you'll learn adavnced penetration techniques to exploit common operating systems and networking devices.
You'll build hands-on skills, combining NotSoSecure's sophisticated hack-lab with our unique Lecture | Lab | Review technique, which immerses you in the curriculum and allows you to fully grasp the advanced hacking techniques for infrastructure systems, helping you manage the vulnerabilities of your systems.
Your expert Firebrand instructor will take you through every aspect of network hacking, from hacking domain controllers to local root, VLAN Hopping and VoIP hacking.
You'll explore a range of networking hacking tools and techniques including:
- IPv4 and IPv6 Refresher
- OSINT, DVCS Exploitation
- Database Servers
- Windows, AD and Linux exploitation techniques
- Container breakout
- VPN, VoLP, VLAN exploitation
On this course, you'll get 24/7 lab access and access to NotSoSecure custom built systems with specially designed hacking challenges built to stimulate creative and innovative thinking.
This course is ideal if you're a System Administrator, SOC Analyst, Penetration Tester, Network Engineer, security enthusiast or simply want to advance your knowledge in infrastructure hacking.
Curriculum
- Module 1: IPv4/IPv6 Scanning, OSINT
- Advanced topics in network scanning
- Understanding & exploiting IPv6 Targets
- Advanced OSINT Data gathering
- Module 2: Web Technologies
- Exploiting DVCS (git)
- Owning Continuous Integration (CI) servers
- Deserialization Attacks (Java, Python, Node, PHP)
- Dishonourable Mentions (SSL/TLS, Shellshock)
- Module 3: Hacking Database Servers
- Mysql
- Postgres
- Oracle
- MongoDB
- Module 4: Windows Exploitation
- Windows Enumeration and Configuration Issues
- Windows Desktop ‘Breakout’ and AppLocker Bypass Techniques (Win 10)
- Local Privilege Escalation
- A/V & AMSI Bypass techniques
- Offensive PowerShell Tools and Techniques
- GPO based exploit
- Constrained and Unconstrained delegation attack
- Post Exploitation Tips, Tools and Methodology
- Module 5: AD Exploitation
- Active Directory Delegation Reviews and Pwnage (Win 2012 server)
- Pass the Hash/Ticket Pivoting and WinRM Certificates
- Pivoting, Port Forwarding and Lateral Movement Techniques
- Persistence and backdooring techniques (Golden Ticket, DCSync, LOLBAS)
- Module 6: Linux Exploitation
- Linux Vulnerabilities and Configuration Issues
- Treasure hunting via enumeration
- File Share/SSH Hacks
- X11 Vulnerabilities
- Restricted Shells Breakouts
- Breaking Hardened Web Servers
- Local Privilege Escalation
- MongoDB exploitation
- TTY hacks, Pivoting
- Gaining root via misconfigurations
- Kernel Exploitation
- Post Exploitation and credentials harvesting
- Module 7: Container Breakout
- Breaking and Abusing Docker
- Kubernetes Vulnerabilities
- Module 8: VPN Exploitation
- Exploiting Insecure VPN Configuration
- Module 9: VoIP Attack
- VOIP Enumeration
- VOIP Exploitation
- Module 10: VLAN Attacks
- VLAN Concepts
- VLAN Hopping Attacks
- Module 11: Cloud Hacking
- AWS/Azure/GCP specific attacks
- Storage Misconfigurations
- Credentials, API’s and token Abuse
- IaaS, PaaS, SaaS, CaaS and Serverless exploitation
- Azure AD attacks
What's Included
On this course, you'll get:
- An up-to-date collection of the latest vulnerabilities.
- Hack lab access during and for 30 days after completing the course.
Prerequisites
Although you don't need pen testing experience, some experience in using common hacking tools such as Metasploit is recommended.
Before attending this course, you should complete the Infrastructure Hacking course, as this course builds on the principles introduced in Infrastructure Hacking.
Benefits
Seven reasons why you should sit your course with Firebrand Training
- Two options of training. Choose between residential classroom-based, or online courses
- You'll be certified fast. With us, you’ll be trained in record time
- Our course is all-inclusive. A one-off fee covers all course materials, exams**, accommodation* and meals*. No hidden extras.
- Pass the first time or train again for free. This is our guarantee. We’re confident you’ll pass your course the first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
- You’ll learn more. A day with a traditional training provider generally runs from 9 am – 5 pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day of quality learning time, with your instructor
- You’ll learn faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
- You’ll be studying with the best. We’ve been named in the Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified over 135,000 professionals
*For residential training only. Doesn't apply for online courses
**Some exceptions apply. Please refer to the Exam Track or speak with our experts
Think you are ready for the course? Take a FREE practice test to assess your knowledge! Free Practice Test