On This Page

Pentesting and Exploiting Highly Secured Enterprise Networks

Vikram Salunke | August 4-7



Overview

Pentesting and Exploiting Highly Secure Enterprise Networks is a course which goes far beyond your traditional pentesting courses. Real-world Enterprise Networks are much complex in nature, needing your special attention choosing the techniques and tools that you use in order to infiltrate.

This training is intended for senior/experienced pentesters. Just running a vulnerability scanner and submitting that as your report provides no real benefit to a company. This goes far beyond your traditional pentesting courses. Real-world Enterprise Networks are much complex in nature, needing your special attention choosing the techniques and tools that you use in order to infiltrate. A senior penetration tester must succeed when others fail. A senior pentester doesn't give up when particular exploit is not working, he tries to analyse the exploit and make some modification those are necessary. He should think outside of the box and come up with solutions to complex problems. He must have knowledge of all domains and his skill should range from network attacks, web attacks, scripting to system exploitation.

This training is a result of years of pentesting experience, compromising some of the highly secured networks combined into one practical and hands-on class. This course provides in-depth knowledge of the most powerful attack vectors and provides labs to perform these attacks in numerous hands-on scenarios.

Training has module on python scripting. Because automation of tools is essential due to time constraints also it is helps to automate the testing of systems, services, and applications. Multiple python Modules, libraries, and debugging tools have been already written to help simplify and automate fuzzing and research. In order to reach the next level in penetration testing, one must embrace the idea of adding programming into their penetration testing toolkit. Once obtaining this power, tools can be written and shared, allowing you to build up an arsenal for reconnaissance, scanning, fuzzing, and exploitation.

Metasploit and other 3rd party tools are easily detectable by modern security solutions and they have fingerprinted quite well and so it is not possible to have an emulate modern powerful adversary using these tools, so there is need for custom code. When we are using custom code those are target specific and there is no mass deployment so antivirus vendors doesn't have signature for those. Building custom scripts will also help in bypassing firewall, IDS/IPS and to evade AV. Custom script will help in post exploitation such as list patches, list users, list AD accounts in active directory, pull passwords with mimikatz, bypass UAC etc. When you are attacking, it is useful to load code into remote process and have it execute within that process' context. So for this we will use DLL injection and we will write DLL injector using Python and this will help us to evade firewalls.

As a pentester you need to be familiar with how to edit, modify and execute shellcodes and be able to understand how exploit works. There are few scripts on internet which causes harm to your system, so you need to how that script works. Metasploit's XOR, shikata_ga_gai encoders are quite well detectable by AntiVirus so we will write our own custom encoders to evade Antivirus and we will use polymorphic engines which is quite difficult to detect and fingerprint.

We will build Command and Control (C2) because network intrusion may be detected and compromised system can be patched, some exploits only work once, to survive the reboot. C2 will be Stealth to avoid detection by IDS, persistence to survive reboot, encryption for secure communication and minimising possibility of firewall interference.

This training has been taken by 1000+ security professionals and red team members worldwide to advance their pentesting and exploitation skills and we have received extremely positive feedback.

Lab has real world remote enterprise networks including different flavours of operating system such as windows and linux. Lab contains real world Firewalls, IDP/IPS, DMZ, Load Balancers, Web Application Firewalls, Active Directory etc. This course is for you if you want to pentest and exploit highly secured enterprise networks using cutting edge techniques. The training includes 50+ labs and 30+ challenges which are inspired by real world vulnerabilities and case studies. After the training attendees will get 1 month remote lab access free with additional 20 challenges and 5+ hours of HD videos of training walkthrough. Also before the 1 month of training, attendees will get videos on basic Assembly Language and Python Scripting which will help them in class.

Training Outline:

Day 1:

  • Advanced Enumeration
  • Adding custom Nmap scripts to your arsenal
  • Assessing Routers
  • Evaluating switches
  • Working with Virtual Switches Evasion
  • Attacking the Thin Clients
  • Capturing Traffic to uncover network secrets
  • Mimikatz to recover clear text passwords
  • Faster and smarter password cracking

Day 2:

  • Detecting Honeypot
  • Bypassing DMZ
  • Exploit routing protocol implementations
  • Bypass different types of Network Access Control (NAC) implementations
  • Bypassing Firewalls
  • Bypassing Intrusion (IDS/IPS)
  • Evading Antivirus
  • Bypassing Web Application Firewalls (WAF)

Day 3:

  • Client Side Exploitation
  • Advanced client side exploitation with BeEF
  • DLL Injection
  • Python Scripting
  • Bypass Linux service lockdown - AppArmor
  • Bypass Windows service lockdown - AppLocker
  • Windows Domain Attacks
  • Active Directory Domain Enumeration
  • Active Directory Exploitation
  • Kerberos Vulnerabilities

Day 4:

  • Attacking Domain Controller
  • Abusing Cross Domain Trusts
  • Bypassing Windows User Account Control (UAC)
  • WMI Attacks
  • Using Powershell to our advantage
  • Pentester's guide to Pivoting
  • Advanced methods for privilege escalation
  • Shellcoding
  • Build Command and Control (C2) infrastructure

Who Should Take this Course

  • Pentesters who want to take their skills to the next level
  • Security Professionals and Red teamers
  • Blue teamers who want to defend their environment
  • Network / System Admins

Student Requirements

  • Basic Networking knowledge
  • Basic Windows and Linux command-line Skills
  • Penetration Testing Experience
  • Basic Assembly Language knowledge (Videos will be provided 1 month before the training)
  • Scripting knowledge in Python (Videos will be provided 1 month before the training)

What Students Should Bring

  • Modern laptop with wireless networking capabilities and have admin/root access on it. (64-bit Machine)
  • Minimum 4 GB RAM installed
  • At least 40 GB HD Free
  • VMware Workstation / Fusion installed

What Students Will Be Provided With

  • 1 month free access to all the labs with additional 20 challenges
  • Over 50 labs and 30+ challenges to solve
  • Training materials – presentation materials and lab guide
  • Over 5+ hours of HD videos to practice your skills after the class
  • Custom tools and scripts
  • Additional reading materials

Trainers

Vikram is the founder of Vmaskers, and a professional pentester. He has led 100+ pentests over the past years, compromising highly sensitive and secured enterprise networks. His primary responsibilities in his recent job roles were to look after enterprise network security, manage security automation and build internal tools to fight security attacks. He has also discovered serious security flaws in many unique product giants all over the world. He has worked in various domains including Pentesting, Reverse Engineering, Fuzzing, Exploitation ,Source Code Auditing and Mobile application security research. He helps the community by uploading regular InfoSec videos on youtube (https://www.youtube.com/VikramSalunke). He has also previously spoken and trained at numerous security conferences all around the world including CHCon, OWASP AppSec Africa, CrikeyCon, CanSecWest, OWASP New Zealand Day, NolaCon, LayerOne, ShakaCon and will be training in OWASP AppSec California, Hack in The Box (HITB) etc.