Kursleverandør: Glasspaper – Paula Januszkiewicz
In this workshop you will investigate the critical tasks for a high-quality penetration test. Well look at the most efficient ways to map a network and discover target systems and services. Once the systems are discovered, we will search for vulnerabilities and reduce false positives with manual vulnerability verification. At the end we will look at exploitation techniques, including the use of the authored and commercial tools. In the attack summary we will always go through the securing techniques.
But exploits are not the only way to get to systems! We will go through the operating systems’ build in problems and how they can be beneficial for hackers! One of the most important things to conduct the successful attack is to understand how the target works. To the bones! After that everything is clear and tool is just a matter of our need.
The course that covers all aspects of Windows infrastructure security from the hacker’s mind perspective!
Our goal is to show you and teach you what kind of mechanisms are allowing to get inside the infrastructure and how to get to operating systems. After the course you will gain penetration tester’s knowledge and tools. And to get more practice we offer one week more of labs online!
We really want you to go out from the class with the practical, ready-to-use knowledge what are the ways to get into the infrastructure.
This is a deep dive course. It is a must-go for enterprise administrators, security officers and architects. Delivered by one of the best people in the market in the security field – with practical knowledge from tons of successful projects, many years of real-world experience, great teaching skills and no mercy for misconfigurations or insecure solutions!
The course has a form of intense workshop and you MUST stay awake just not to miss a thing!
Author’s unique tools, over 150 pages of exercises, presentations slides with notes.
Module 1: Hacking Windows Platform
- Detecting unnecessary services
- Misusing service accounts
- Implementing rights, permissions and privileges
- Direct Kernel Object Modification
Module 2: Top 50 tools: the attackers best friends
- Practical walkthrough through tools
- Using tools against scenarios
Module 3: Modern Malware
- Techniques used by modern malware
- Advanced Persistent Threats
- Fooling common protection mechanisms
Module 4: Physical Access
- Misusing USB and other ports
- Offline Access techniques
- BitLocker unlocking
Module 5: Intercepting Communication
- Communicating through firewalls