Logo

NotSoSecure Advanced Infrastructure Hacking

What you'll learn

On this 5-day accelerated Advanced Infrastructure Hacking course, you'll learn adavnced penetration techniques to exploit common operating systems and networking devices.

You'll build hands-on skills, combining NotSoSecure's sophisticated hack-lab with our unique Lecture | Lab | Review technique, which immerses you in the curriculum and allows you to fully grasp the advanced hacking techniques for infrastructure systems, helping you manage the vulnerabilities of your systems.

Your expert Firebrand instructor will take you through every aspect of network hacking, from hacking domain controllers to local root, VLAN Hopping and VoIP hacking.

You'll explore a range of networking hacking tools and techniques including:

  • IPv4 and IPv6 Refresher
  • OSINT, DVCS Exploitation
  • Database Servers
  • Windows, AD and Linux exploitation techniques
  • Container breakout
  • VPN, VoLP, VLAN exploitation

On this course, you'll get 24/7 lab access and access to NotSoSecure custom built systems with specially designed hacking challenges built to stimulate creative and innovative thinking.

This course is ideal if you're a System Administrator, SOC Analyst, Penetration Tester, Network Engineer, security enthusiast or simply want to advance your knowledge in infrastructure hacking.

Curriculum

58 modules
  • Module 1: IPv4/IPv6 Scanning, OSINT
    • Advanced topics in network scanning
    • Understanding & exploiting IPv6 Targets
    • Advanced OSINT Data gathering
  • Module 2: Web Technologies
    • Exploiting DVCS (git)
    • Owning Continuous Integration (CI) servers
    • Deserialization Attacks (Java, Python, Node, PHP)
    • Dishonourable Mentions (SSL/TLS, Shellshock)
  • Module 3: Hacking Database Servers
    • Mysql
    • Postgres
    • Oracle
    • MongoDB
  • Module 4: Windows Exploitation
    • Windows Enumeration and Configuration Issues
    • Windows Desktop ā€˜Breakout’ and AppLocker Bypass Techniques (Win 10)
    • Local Privilege Escalation
    • A/V & AMSI Bypass techniques
    • Offensive PowerShell Tools and Techniques
    • GPO based exploit
    • Constrained and Unconstrained delegation attack
    • Post Exploitation Tips, Tools and Methodology
  • Module 5: AD Exploitation
    • Active Directory Delegation Reviews and Pwnage (Win 2012 server)
    • Pass the Hash/Ticket Pivoting and WinRM Certificates
    • Pivoting, Port Forwarding and Lateral Movement Techniques
    • Persistence and backdooring techniques (Golden Ticket, DCSync, LOLBAS)
  • Module 6: Linux Exploitation
    • Linux Vulnerabilities and Configuration Issues
    • Treasure hunting via enumeration
    • File Share/SSH Hacks
    • X11 Vulnerabilities
    • Restricted Shells Breakouts
    • Breaking Hardened Web Servers
    • Local Privilege Escalation
    • MongoDB exploitation
    • TTY hacks, Pivoting
    • Gaining root via misconfigurations
    • Kernel Exploitation
    • Post Exploitation and credentials harvesting
  • Module 7: Container Breakout
    • Breaking and Abusing Docker
    • Kubernetes Vulnerabilities
  • Module 8: VPN Exploitation
    • Exploiting Insecure VPN Configuration
  • Module 9: VoIP Attack
    • VOIP Enumeration
    • VOIP Exploitation
  • Module 10: VLAN Attacks
    • VLAN Concepts
    • VLAN Hopping Attacks
  • Module 11: Cloud Hacking
    • AWS/Azure/GCP specific attacks
    • Storage Misconfigurations
    • Credentials, API’s and token Abuse
    • IaaS, PaaS, SaaS, CaaS and Serverless exploitation
    • Azure AD attacks

Prerequisites

Although you don't need pen testing experience, some experience in using common hacking tools such as Metasploit is recommended.

Before attending this course, you should complete the Infrastructure Hacking course, as this course builds on the principles introduced in Infrastructure Hacking.

Exam info

Course Dates

Sorry, there are currently no dates available for this course. Please submit an enquiry and one of our team will contact you about potential future dates or alternative options.

FAQs

4 question

Yes, we do provide courses suitable for beginners. However, Firebrand's accelerated courses aren't easy and it's essential that you are interested and actively pursuing a career in IT.

Traditional training providers usually run their courses from 9am to 5pm. At Firebrand Training we maximise the number of learning hours to minimise the number of training days, so you’ll be back to your job as quickly as possible. You don’t waste time travelling to several courses and finding an exam centre after that.

Firebrand's accelerated courses are constantly reviewed. We ask our delegates for feedback after every course. We are official partners with leading vendors and therefore, we're provided with certification changes and updates, which we can then implement in our course delivery at a very early stage. This feedback is then analysed in view of changes or discrepancies. We will then address the topics mentioned and have a panel of subject matter experts provide us with valuable suggestions for improvement and solutions.

If you need to learn new skills and you want to be able to put them into practice quickly, then Firebrand is the right training company for you.

Our unique accelerated training method means that we are your fastest way to learn. By delivering training for up to 12 hours per day, seven days per week, with exam centres on-site, we ensure that you are trained and certified quicker than anywhere else, having spent less time out of the office away from the day job.

Can't find the answer you're looking for?

Our expert learning advisors are ready to help. Whether you need course recommendations, have technical queries, or want to discuss your learning goals, we're just a message away.

Train your team

Since 2001 we've trained 134,561 employees from thousands of large and small organisations, saving them more than one million hours in training time.

Learn More