Practice and application is critical to learning how to effectively conduct penetration tests. Adaptive Penetration Testing is an immersive penetration testing course that will provide practical experience and a solid framework for conducting in-depth security assessments. In this engaging course, participants will spend the majority of their time in practical lab scenarios, overcoming the real-world obstacles they will face in today’s enterprise environments. Participants will also delve into the techniques, tools, and methodologies successful penetration testers use to provide comprehensive and efficient security assessments in a variety of target environments.
While tools don’t make the tester, having the right tools for the job can often make or break the assessment. Veris Group has partnered with Strategic Cyber, LLC, founded by Raphael Mudge (the creator of Armitage), to provide participants with a powerful toolkit, the new advanced penetration testing suite Cobalt Strike (http://www.advancedpentest.com/). Cobalt Strike enables teams to conduct penetration tests efficiently and effectively against variable target environments. Participants will use Cobalt Strike throughout the course to overcome advanced obstacles and practice modern attack techniques and are invited to continue working with the toolkit after the conclusion of the course.
At the conclusion of the course, participants will be able to:
A custom version of the latest Backtrack image will be provided to students – all exercises will be able to be performed from this virtual machine. PDF Version of Slide Deck, Course Lab Write-ups
Jason Frank is a penetration testing lead with Veris Group, LLC where he supports Federal agencies, including the Department of Homeland Security (DHS) and the Department of Treasury, and multiple commercial customers. Jason specializes in leading penetration testing engagements while developing and maturing penetration testing programs. In addition, he creates network attack exercises that emulate IT infrastructure, common traffic, and network hosts for customers to practice and apply their skillsets. Jason has developed and led multiple teams in classroom and conference Capture-the-Flag events, which challenged participants in areas such as technical knowledge expertise, logic exercises and system defense techniques. Jason holds a Bachelor of Science in Information Science and Technology from the Pennsylvania State University. Finally, Jason is an Offensive Security Certified Professional (OSCP), GIAC Certified Penetration Tester (GPEN) and web application penetration tester (GWAPT).
Matthew Maley is a Security Engineer at Veris Group, LLC where he leads technical security assessments and assists with secure engineering for various Federal Agencies and commercial clients. He specializes in web application and mobile device penetration testing and vulnerability assessment, as well as assisting customers with the development of secure implementation guidance for emerging mobile technologies, remote access, and communications solutions. Matt also performs security assessments (vulnerability assessments and penetration testing) of cloud environments in support of Federal Risk and Authorization Management Program (FedRAMP) certification efforts. Matt holds Bachelor’s degree in Information Sciences and Technology and Minor in Security and Risk Analysis from the Pennsylvania State University. In addition, Matt is a GIAC Certified Web Application Penetration Tester (GWAPT).
