Basic Infrastructure Hacking

NotSoSecure | July 22-23 & July 24-25



Overview

This courses familiarizes the attendees with a wealth of hacking tools and techniques. The course starts from the very basic and gradually build up to the level where attendees can not only use the tools and techniques to hack various components involved in infrastructure hacking, but also walk away with a solid understanding of the concepts on which these tools work.

The course outline summarizes the topics which will be covered.

Day 1:
  • TCP/IP basics
  • The Art of Port scanning
  • Target Enumeration
  • Brute-forcing
  • Metasploit Basics
  • Hacking recent Unix Vulnerabilities
  • Hacking Databases
  • Hacking Application Servers

Day 2
  • Hacking third party applications (Wordpress, Joomla, Drupal)
  • Windows Enumeration
  • Hacking recent Windows Vulnerabilities.
  • Hacking Third party software (browser, pdf, java)
  • Post Exploitation: Dumping Secrets.
  • Hacking Windows Domains.

Who Should Take this Course

System Administrators, SOC analysts, entry level/intermediate level penetration testers, network engineers, security enthusiasts and anyone who wants to take their skills to next level


Student Requirements

The only requirement for this class is that you must bring your own laptop and have admin/root access on it. During the class, we will give you VPN access to our state-of-art hacklab which is hosted in our datacenter in UK. Once you are connected to the lab, you will find all the relevant tools/VMs there. We also provide a dedicated Kali VM to each attendee on the hacklab. So, you don't need to bring any VMs with you. All you need is admin access to install the VPN client and once connected, you are good to go!

Also, note that we will use an Ethernet/wired network for this class. If your laptop does not have that, please carry the right adaptor to ensure you can connect to the wired network.

What Students Should Bring

Bring your own laptop and have admin/root access on it. Also, note that we will use an Ethernet/wired network for this class. If your laptop does not have that, please carry the right adapter to ensure you can connect to the wired network.

What Students Will Be Provided With

Access to a hacking lab not just during the course but for 30 days after the class too. This gives them plenty of time to practice the concepts taught in the class. Numerous scripts and tools will also be provided during the training, along with student hand-outs.

Trainers

Will Hunt is an information security enthusiast who has worked in IT security for the past 9 years. He is an Associate Director at NotSoSecure (www.notsosecure.com), a specialist IT security company delivering high-end IT security consultancy and training. Prior to this he was a pentester, developing and delivering technical and non-technical training for a leading IT security firm. Before pentesting Will was an experienced digital forensics consultant and trainer. He runs the blog stealthsploit.com and has identified and responsibly disclosed vulnerabilities in various software.

Neelu Tripathy is working as senior information security consultant with NotSoSecure. She started as a developer and has been working on vulnerability assessments and penetration tests for web applications and networks. She performs threat modelling and design reviews for financial and banking applications and has a fair idea of the challenges and design solutions for the same. She has a rich background of projects where she worked for building and execution of various threat cases, bending business logic, executing social engineering scenarios, spear phishing, building exploits, red teaming, wireless pentesting, etc. She loves to use her analytical skills to participate in various research activities and innovation. Apart from security assessments, she has conducted assignments such as secure code reviews, red team attacks, data extrusions, network and power audits for various domains such as finance, banking, travel, telecom and so on.