About the course
Internal networks are attractive to attackers as they are often the least secure component of a company’s infrastructure. This hands-on course mimics what attackers and criminals are doing – compromising networks, hunting down key accounts and business-critical information. The student will be trained in the methods and approaches taken when performing internal and external network penetration tests in a fully functional lab.
Exploit and control common architecture and network deployments
This hands-on course looks at the methods and approaches attackers take when targeting organisations. Each student will have a fully functional network, simulating an organization, with a target rich environment geared towards hacking with no bounds. Your aim will be to think like an attacker and map out your target, find weaknesses and fully exploit trust relationships in place. Using scenarios along with presentations, this course is a healthy mix of thinking, strategies and the methodologies you might need for every step along the way. You will leave this course knowing what tools and techniques hackers use in the wild, and with a deep enough understanding to defend your organization against them.
Owning the network
Seeing the wood for the trees is key when targeting networks. Foot printing and fingerprinting your target is often overlooked. This module delves into the most efficient ways to enumerate targets, discover vulnerabilities and successfully exploit them.
The training course will pay specific attention to the following topics:
- Perform reconnaissance against your target
- Footprinting and fingerprinting
- Technical exploitation
- You've found a way in, now what?
- Attribution - hiding in the shadows
- Post exploitation - Passwords, tokens, data and more
- Moving Laterally - Compromising other hosts
- Attacking active directory
- Hunting down mission critical systems and key players
- Cracking passwords and getting into corporate emails
- Exfiltration techniques
SensePost Training Portal
We've developed a training portal for students to interact with the trainers, keep updated on content and also download all files, slides and tools delivered during the course. This portal is made available to all students, even when the course has finished. In addition, we've moved our training infrastructure into our own cloud, which means students get their own individual environments to test against, making use of VPN's and numerous targets. This gives a fully immersive experience of attacking real-world architecture and networks.
Who should take this course?
This course is ideal for those wanting to learn how attackers are gaining access to networks, penetration testers who are new to network penetration testing, and/or those who wish to brush up on effective ways to own companies from the net and internally.
The course is also ideal for administrators who want to defend against these attacks. The hands-on nature of the course ensures that you will be familiar enough with the tools and techniques that you'll be able to verify whether your organization is vulnerable, and how to defend yourself if you are
If you wish to have training, please get in touch with our sales team to discuss further.
|Start date||Location / delivery|
|02 Sep 2019||London|