Penetration testing often focuses on individual vulnerabilities and services, but the quickest ways to exploit are often hands on and brute force. This two-day course introduces a tactical approach that does not rely on exploiting known vulnerabilities. Using a combination of new tools and lesser-known techniques, attendees will learn how hackers compromise systems without depending on standard exploits. The class alternates between lectures and hands-on testing, providing attendees with an opportunity to try the techniques discussed. A virtual target network will be provided, along with all of the software needed to participate in the labs.

In the first half of the course, attendees will investigate a wide variety of information gathering and footprinting techniques, many of which are critical to a successful penetration test. The Metasploit Framework will be used as a development platform for building custom discovery tools.

In the second half of the course, the focus will shift from information discovery to information exploitation. Attendees will learn how to compromise common operating systems, and once in, how to gain access to the rest of the network.

This course is well-suited to penetration testers of any skill level and all security professionals who have a basic grasp of networking and software exploits. This course differs from a typical ethical hacking program in that the focus is on techniques that are not affected by patch levels. A portion of the class will be dedicated to building new tools, on the fly, to solve the challenges posed by a difficult penetration test.

Who should attend

* Penetration testers
* Security auditors
* Incident responders
* System administrators
* Network administrators

Prerequisites

* Students should bring a laptop capable of running the Metasploit Framework.
* Students should be familiar with Windows and at least one Unix-like environment (OS X, Linux, Solaris, etc).
* Students should have a general understanding of scripting languages such as Perl, Python, and Ruby.
* Students should be comfortable with common networking tasks, such as assigning an IP address and troubleshooting connectivity.

Recommendations

* Experience with the Metasploit Framework.
* Experience with network sniffers, such as Wireshark
* Experience programming in the Ruby language
* Experience with low-level IP networking tools (hping, nmap, etc)

Cost

* Subject to change depending on trainer availability. Inquire at training@attackresearch.com

This training is all about what you do AFTER you break in.

When penetration testing large environments, testers require the ability to maintain persistent access to systems they have exploited, leverage trusts to access other systems, and increase their foothold into the target. Post exploitation activities are some of the most labor intensive aspects of pen testing. These include password management, persistent host access, privilege escalation, trust relationships, acquiring GUI access, etc. Penetration testers acquire hashes, crack them, keep track of which passwords go with which usernames / systems and finally reuse this information to penetrate further systems. We will teach you all these techniques, how to automate some of them and more.

Who should attend

* Penetration testers
* Security auditors
* Incident responders
* System administrators
* Network administrators

Prerequisites

* Students should bring a laptop capable of running the Metasploit Framework and Windows. (VM's are fine)
* Students should be familiar with Windows
* Students should be comfortable with common networking tasks, such as assigning an IP address and troubleshooting connectivity.

Recommendations

* Experience with the Metasploit Framework.
* Experience with tools such as backdoors, rootkits and the windows command line.
* Experience pen-testing a plus

Cost

This course will cover techniques and tools for rapidly understanding a sample of malware. Rather than focusing on deep assembly and code reverse engineering (don't worry we will cover some of that) in this class we will impart a high speed capability for analysis. The goal here is to quickly go from zero knowledge about a suspicious file to knowing what its basic capabilities are and what your exposure and risk may be. We will guide you through the use of static and dynamic analysis tools, anti-anti-debugging techniques, network analysis and much more using tried and tested methods used in real world investigations by our instructors.

Who should attend

* Incident Responders
* Security Personnel
* System Administrators
* Network Administrators
* Reverse Engineers or those just starting in RE

Prerequisites

* Students should bring a laptop capable of running Microsoft Windows and should have VMWare Workstation and IDA Pro.
* Students should be familiar with Microsoft Windows Operating Systems
* Students should be familiar with malware concepts and capabilities.

Recommendations

* Experience with IDA Pro.
* Experience with C, Intel Assembly and a scripting language such as Perl or Ruby.
* Experience with reverse engineering a plus

Cost

This is a fun course! This class is all about breaking into computers. Many other classes approach this subject from the point of view of formalized audits or comprehensive and over analyzed methodologies, but not this course. We will walk you through a constantly changing set of tools and techniques used by real world hackers. We will develop realistic scenarios where you can play the part of a real attacker, (not a corporate auditor) plan and carry out your assault. This course will help students gain a realistic understanding of what the threats are and how attacks are actually done. This course has been developed based on years of experience in penetration testing as well as reverse engineering and tracking real attacks during incident response events.

Who should attend

* Penetration Testers
* Incident Responders
* Security Personnel
* System administrators
* Network administrators

Prerequisites

* Students should bring a laptop capable of running Microsoft Windows and linux. (VMs are fine)
* Students should be familiar with basic hacking techniques.
* Students should be familiar with malware concepts and capabilities.
* Students should have knowledge of several operating systems and protocols.

Recommendations

* Experience with the Metasploit Framework.
* Experience with C and a scripting language such as Perl or Ruby.
* Experience with real world attacks beneficial.

Cost