On This Page

Advanced Infrastructure Hacking - 2017 Edition: 4 Day

Notsosecure | July 22-25


Whether you are penetration testing, Red Teaming or trying to get a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques is critical. This course covers a wide variety of neat, new and ridiculous techniques to compromise modern Operating Systems and networking devices.

While prior pentest experience is not a strict requirement, familiarity with both Linux and Windows command line syntax will be greatly beneficial. The following is the syllabus for the class:

Day 1:

  • IPv4/IPv6 Basics
  • Host Discovery & Enumeration
  • Advanced OSINT & Asset Discovery
  • Mastering Metasploit
  • Hacking Application and CI Servers
  • Hacking Third party applications (Wordpress, Joomla)
  • Hacking Databases
  • Windows Enumeration and Configuration Issues

Day 2

  • Windows Desktop 'Breakout' and AppLocker Bypass Techniques (Win 10)
  • Local Privilege Escalation
  • A/V & AMSI Bypass techniques*
  • Offensive PowerShell Tools and Techniques
  • Post Exploitation Tips, Tools and Methodology
  • Active Directory Delegation Reviews and Pwnage (Win 2012 server)
  • Pass the Hash/Ticket.
  • Pivoting, Port Forwarding and Lateral Movement Techniques

Day 3:

  • Linux Vulnerabilities and Configuration Issues
  • User/Service Enumeration
  • NFS Hacks
  • SSH Hacks
  • X11 Vulnerabilities
  • Local Privilege Escalation
  • Kernel Exploits
  • Weak File Permissions
  • SUID/SGID Scripts
  • CRON Jobs
  • Inetd Services

Day 4:
  • Breaking Docker
  • Exploiting Insecure VPN Configuration
  • VLAN Hopping
  • Hacking VoIP
  • B33r 101

Who Should Take this Course

System Administrators, SOC analysts, Penetration testers, network engineers, security enthusiasts and anyone who wants to take their skills to next level.

While prior pentest experience is not a strict requirement, familiarity with both Linux and Windows command line syntax will be greatly beneficial. A further hands-on experience with common hacking tools such as Metasploit will also be beneficial, although, less advanced users can work their way up during the 30 days of complimentary lab access provided as part of the class.

Student Requirements

The only requirement for this class is that you must bring your own laptop and have admin/root access on it. During the class, we will give you VPN access to our state-of-art hacklab which is hosted in our data-center in the UK. Once you are connected to the lab, you will find all the relevant tools/VMs there. We also provide a dedicated Kali VM to each attendee on the hacklab. So, you don't need to bring any VMs with you. All you need is admin access to install the VPN client and once connected, you are good to go!

Also, note that we will use an Ethernet/wired network for this class. If your laptop does not have this capability, please carry the right adaptor to ensure you can connect to the wired network.

What Students Should Bring

same as above.

What Students Will Be Provided With

Access to a hacking lab not just during the course but for 30 days after the class too. This gives them plenty of time to practice the concepts taught in the class. The lab contains a wide variety of challenges from local privilege escalation to VLAN hopping etc. Numerous scripts and tools will also be provided during the training, along with student hand-outs.


Sumit "sid" Siddharth is the founder of NotSoSecure Ltd, a specialist IT security firm delivering high-end IT security consultancy and Training. Prior to NotSoSecure, he worked as Head of Penetration Testing for a leading IT security company in UK. He has more than 9 years of experience in Penetration Testing. Sid has authored a number of whitepapers and tools. He has been a Speaker/Trainer at many security conferences including numerous Black Hat, DEF CON, OWASP Appsec, HITB etc. Sid is also a co-author of the book SQL Injection: Attacks and Defence (2nd edition). Over the years, Sid has identified several critical flaws in leading software and helped fix these bugs. These include products from Microsoft, Oracle, Intel, Wordpress etc. He has trained several security consultants/penetration testers and helped them get better at their jobs.

Anant Shrivastava is an information security professional with 8+ yrs of corporate experience with expertise in Mobile, application and Linux Security. He has trained ~200 delegates at various conferences (Nullcon - 2015, g0s - 2013, c0c0n - 2013, Nullcon - 2012). He holds various industry recognized certifications such as SANS GWAPT (GIAC Certified Web Application Testing and RHCE (RedHat certified Engineer). Co-author for OWASP Testing guide version4. He is credited with multiple responsible public disclosures (referwww.osvdb.org/creditees/10234-anant-shrivastava). He has built a security solutions repository for WordPressCMS which contains open source code snippets to provide protection against known attack patterns (github.com/anantshri/wp-security). He is also a lead for a project named as Code Vigilant (www.codevigilant.com), which aims to identify security, issues in open source software's and currently holds 150+ vulnerability disclosures.