Hacking Enterprises – 2020 Release
Developed and delivered by trainers who teach internationally at global security conferences such as Black Hat, our Hacking Enterprises training is an immersive hands-on experience designed to test, develop and extend your mindset and skills.
Hacking Enterprises is delivered throughout the year at several security conferences across the globe and with our training partner in 2, 3, 4 and 5-day formats.
Do you need bespoke internal offensive security training for your team? If it’s defensive training you’re after, check out our Defending Enterprises training aimed at blue teams and SOC analysts. Contact us on [email protected] for further information.
Hacking Enterprises simulates a full-scale enterprise attack scenario, allowing attendees to tackle every stage of a complex multi-layered penetration test and teaches multiple ways to identify, enumerate, exploit and compromise an organisation. Deep theory and immersive practical exercises reinforce underlying knowledge with practical understanding and application.
Attacking the latest operating systems and using modern techniques, the training emphasises exploiting configuration weaknesses rather than throwing traditional exploits, putting logical thinking and creativity to the test.
The course covers the following topics, which you’ll encounter as you progress and unlock new networks, domains, trusts and more…
- MITRE ATT&CK framework primer
- Monitoring and alerting intro using our ELK stack
- Leveraging OSINT activities
- Enumerating and targeting IPv4 and IPv6 hosts
- Windows and Linux enumeration and living off the land
- Linux shells, post exploitation and privilege escalation
- Kubernetes and container security
- Phishing campaign creation and execution against our simulated users
- [email protected] and [email protected] cracking
- Windows exploitation and privilege escalation
- Bypassing Windows Defender/AMSI and UAC
- RDP hijacking
- Bypassing AWL (AppLocker, PowerShell CLM and Group Policy)
- Enumerating and extracting LAPS secrets
- Pivoting, lateral movement, routing, tunnelling and SOCKS proxies
- Abusing domain trusts
- Using WMI Event Subscriptions and Scheduled Tasks for persistence
- OOB data exfiltration using ICMP and DNS
- Domain fronting and C2
- CTF – putting newly learned skills to practice!
Check out our course preview below. After training completes you will receive a Hacking Enterprises completion certificate as well as lab and CTF time.
- 14-days lab access after training completes
- 14-days access to a CTF platform including subnets/hosts not seen during training
- Discord channel access
- Completion certificate
- A firm familiarity of Windows and Linux command line syntax
- Understanding of networking concepts
- Pentesting and/or SOC experience advantageous but not required
- Suited to system/network administrators, penetration testers and anyone working in a technical IT role
- You will need to bring a laptop with local administrator/root access
Details of all our scheduled courses can be found on our events calendar.