Advanced Infrastructure Hacking
Virtual Learning:3,180€ + IVA
Duração:
5 dias
Próxima Data:
25 a 29 Aug 2025
Local:
Online
Descrição
Our Advanced Infrastructure Hacking course is designed for those who wish to push their knowledge. Whether you are Pen Testing, Red Teaming or trying to get a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques is critical.
This course teaches the audience a wealth of advanced Pen Testing techniques, from the neat, to the new, to the ridiculous, to compromise modern Operating Systems, networking devices and Cloud environments. From hacking Domain Controllers to local root, to VLAN Hopping, to VoIP Hacking, to compromising Cloud account keys, we have got everything covered.
*PVP por participante. A realização do curso nas datas apresentadas está sujeita a um quórum mínimo de inscrições.
Destinatários
- Penetration testers and red teamers
- Security consultants and architects
- Network admins with security experience
- CSIRT/SOC teams/blue teamers
- Security/IT managers and team leads
-
Área: Cybersecurity
-
Certificação Associada: NSSAIH
Programa:
IPV4/IPV6 BASICS
- IPv6 service discovery and enumeration
- MiTM attacks
- Exploiting systems/services over IPv6
- Host discovery and enumeration
- Advanced OSINT and asset discovery
- Exploiting DVCS and CI-CD server (updated flow)
HACKING DATABASES
- PostgreSQL / MySQL
- Oracle
- NoSQL
WINDOWS EXPLOITATION
- Windows enumeration and configuration Issues
- Windows desktop breakout and AppLocker bypass techniques (Win 10)
- Local privilege escalation
- Offensive PowerShell /Offsec Development
- AMSI bypass Techniques
- AV Evasion Techniques
- Post-exploitation Tips, Tools, and Methodology
ACTIVE DIRECTORY(AD) ATTACKS
- Active Directory delegation reviews and pwnage (Win 2019 Server)
- Pass the hash/ticket (Updated)
- ADCS Misconfiguration
- Resource-based constrained delegation
- Cross domain and forest attacks
- Pivoting, port forwarding, and lateral movement techniques
- Persistence and backdooring techniques (Golden and Diamond Ticket)
- Command and Control (C2) frameworks (Updated)
LINUX EXPLOITATION
- Linux vulnerabilities and configuration issues
- Treasure hunting via enumeration
- Kerberos authentication
- File share/SSH Hacks
- Restricted shells breakouts
- Breaking hardened web servers
- Local privilege escalation
- MongoDB exploitation
- TTY “Teletype” hacks and pivoting
- Gaining root access via misconfigurations
- Kernel exploitation
- Post exploitation
- Persistence techniques (Linux capabilities)
CONTAINER BREAKOUT
- Breaking and Abusing Docker(updated)
- Exploiting Kubernetes vulnerabilities
- Breaking out of Kubernetes containers
CLOUD HACKING
- AWS, MS Azure, and GCP specific attacks
- Storage misconfigurations
- Credentials, APIs, and token abuse
- Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), Container as a Service (CaaS), and serverless exploitation
- Azure AD attacks
- Exploiting insecure VPN configuration
- VLAN hopping attacks
Pré-requisitos:
Delegates must have the following to make the most of the course:
- Intermediate knowledge of infrastructure application security (at least 2 years’ experience)
- Common command line syntax competency
- Experience using virtual labs for pentesting and/or offensive research
Partilha: