Learning objectives
The participants know the most prevalent security issues in typical company networks. They learn about the most important IT security principles, attacker tools and methodologies and are able to gain hands-on experience and train their skills in realistic attack scenarios. The participants understand how attackers proceed, what tricks they use and which vulnerabilities are commonly exploited. They are able to check their company independently for weak spots and can introduce and apply the corresponding countermeasures. In this course, network and system administrators learn how to protect and defend their infrastructure against realistic attacks according to current standards and best practices.
Highlights
- Information Gathering (OSINT, Attack Surface Discovery)
- Network Discovery (Host- and Service Discovery, nmap)
- Vulnerability Management (Scanning, CWE, CVSS, Zero-Days)
- Exploitation and Remote Code Execution (Shells, Metasploit, Exploit-DB)
- Local Privilege Escalation on Windows and Linux
- Active Directory Security (Theory, PingCastle)
- Active Directory Privilege Escalation and Lateral Movement (BloodHound)
- Windows Credentials (Theory, Dumping, Cracking)
- Windows Access Tokens (Theory, Abuse)
- NTLM Authentication (Pass the Hash, Responder, NTLM Relay)
- Kerberos (Theory, Kerberoasting, Delegation)
- Active Directory Certificate Services (Theory, Attacks)
- MS SQL Server (Theory, Attacks)
- Command and Control Frameworks
Demarcation: This course primarily treats attacks on the network and system levels. Attacks on web applications are covered in the Web Application Security courses. Analysis and monitoring of logs will be treated in the courses on forensics and APT analysis.
The exercises will be done on the online learning platform Hacking-Lab as well as in a lab environment on Azure. Following the course, the Hacking-Lab environment is available to the participants for 30 days more.
Target group
- Security Officers
- Network Administrators/Engineers
- System Administrators (Unix/Linux/Windows)
- Firewall Administrators/Engineers
- Active Directory Engineers
Prerequisite
- Familiarity with command lines (Windows CMD/PowerShell, Linux Bash)
- Basic knowledge of network protocols (TCP/IP)
- Basic knowledge of Windows Networks/Domains