Advanced Infrastructure Hacking - 2019 Edition

Note: This is a fast paced version of the original 4 day class, cut down to 2 days. To fit the entire training material within 2 days, some of the exercises have been replaced by demos which will be shown by the instructor. Students will receive FREE 1 month lab access to practice each exercise after the class. Whether you are penetration testing, Red Teaming or trying to get a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques is critical. This course covers a wide variety of neat, new and ridiculous techniques to compromise modern Operating Systems, networking devices and everything in-between. While prior pentest experience is not a strict requirement, familiarity with both Linux and Windows command line syntax will be greatly beneficial. The following is the syllabus for the class: Day 1: IPv4/IPv6 Basics Host Discovery & Enumeration OSINT & Asset Discovery Hacking Application and CI Servers Oracle Database Exploitation Windows Vulnerabilities and Configuration Issues Windows Desktop 'Breakout' and AppLocker Bypass Techniques A/V & AMSI Bypass Techniques Offensive PowerShell Tools and Techniques Local Privilege Escalation Post Exploitation Tips, Tools and Methodology Exploiting Active Directory 'Delegation' Pivoting, Port Forwarding and Lateral Movement Techniques* Day 2: Linux Vulnerabilities and Configuration Issues User/Service Enumeration File Share/SSH Hacks Restricted Shells Breakouts Breaking Hardened Webservers Local Privilege Escalation Kernel Exploits MongoDB, TTY, Reverse tunneling Post Exploitation VLAN Hopping Docker breakout Kubernetes vulnerabilities AWS/GCP/Azure specific attacks IaaS, PaaS, SaaS and Serverless exploitation Exploiting Insecure VPN Configurations B33r 10