Advanced Infrastructure Hacking

Displaying courses for Great Britain [Change]

Overview

For IT security professionals, staying up-to-date with the latest vulnerabilities and exploits is a real challenge. Knowing a vulnerability from a high level perspective is not enough. A good security professional must be able to demonstrate the impact of the vulnerability. To bridge the gap between understanding a vulnerability and to be able to fully exploit it.

During the 5 days event, delegates will be granted access to a state-of-the-art Hacklab and will be asked to enumerate, assess, exploit and then post exploit vulnerabilities to achieve various objectives within the Hacklab.

Objectives

Individuals taking the Advanced Infrastructure Hacking course will experience hands-on practical content that is extremely current and taught at the world's top conference stages. The course was written to address the need in the market for high-end training in the field of Infrastructure; inspired by daily on-site Penetration Testing and training in the community / conferences. The course enable students to practice topics such as exploit chaining, post-exploitation, combining low risk vulnerabilities to obtain high impact outcomes.

Benefits

The course examines and hacks a wealth of modern vulnerabilities aka (MS14-068, MS15-077). All labs are virtualised and there are dedicated VMs for each student.

Advanced Infrastructure Hacking course will familiarise you with a wealth of hacking techniques for common operating systems, networking devices and everything else in between. The course is ideal for those preparing for CREST CCT (ICE), CHECK (CTL), TIGER SST and other similar industry certifications and those who perform Penetration Testing on infrastructure as a day job and want to take their skills to different level. From hacking Domain Controllers with MS14_068 to GHOST local root; VLAN Hopping to VoIP Hacking, a wide variety of approaches to Infrastructure Hacking is covered.

Audience

  • Penetration Testers and Security Researchers
  • CSIRT & Red Team professionals
  • Security Operations Centre (SOC) analysts
  • Security/System/Network architects
  • Information Security Professionals

Prerequisites

Prior hands-on experience of common hacking/enumeration tools such as Nmap, Metasploit etc., is recommended for the class. QA Certified Ethical Hacker (CEH) certification is strongly recommended as a pre-requisite to this advanced hacking course.

Syllabus

The course is based on the following modules:

Hacking Networks, Databases

1.1 TCP/IP & Network Enumeration
1.2 Port scanning
1.3 TCP/UDP scanning
1.4 Windows/Linux enumeration
1.5 The Art of brute-forcing
1.6 Insecure SNMP Configuration
1.7 Database Exploitation (Oracle, Postgres, Mysql)
1.8 Hacking Application servers (Websphere)
1.9 Exploiting SSL vulnerabilities such as heartbleed
1.10 Exploiting remote systems via Shellshock
1.11 Exploiting Java and PHP serialization bugs

Advanced Windows Hacking

2.1 Windows Vulnerabilities
2.2 Mastering Metasploit
2.3 Latest remote exploits
2.4 Pivoting within internal network
2.5 Local privilege escalation
2.6 Custom payloads
2.7 Post-exploitation

Hacking Windows Domains

3.1 Compromising Windows Domain
3.2 Pass the hash
3.3 Pass the ticket
3.4 Breaking Kerberos
3.5 Third party exploits (browser, java, pdf)

Advanced Linux Hacking

4.1 Linux Vulnerabilities
4.2 Finger
4.3 Rservices
4.4 NFS Hacks
4.5 SSH hacks
4.6 X11 vulnerabilities
4.7 Local Privilege escalation
4.8 Kernel exploits
4.9 Weak file permissions
4.10 SUID/SGID scripts
4.12 Inetd services

Hacking VLANs, VoIP, Switches & Routers

5.1 VLAN Hopping
5.2 Hacking VoIP
5.3 Exploiting insecure VPN configuration
5.4 Switch/Router vulnerabilities

Training provider

Teaching mode: Classroom - Instructor Led
Duration: 5 days
Gooroo has partnered with the global leaders in IT training to give you access to quality training, personalised to you, targeted at increasing your job opportunities and salary.

Our pricing

We do not display pricing as Gooroo members qualify for special discounts not available elsewhere. You must enquire through Gooroo to get this benefit.

New courses are happening all the time

Our partner's expert training consultant will provide you with the times and all the details you need. Enquire today.

Top skills covered in this course

White hat
Great Britain
This skill has an average salary of
£48,443
and is mentioned in
0.07%
of job ads in this area.
Java
Great Britain
This skill has an average salary of
£61,720
and is mentioned in
3.53%
of job ads in this area.
Linux
Great Britain
This skill has an average salary of
£53,683
and is mentioned in
2.12%
of job ads in this area.
Oracle Database
Great Britain
This skill has an average salary of
£52,213
and is mentioned in
1.76%
of job ads in this area.