About The Training

Security systems are evolving and becoming more complex, and so are the hacking techniques. Every successful compromise of the network infrastructure has to evade multiple layers of security in a perfect sequence. Imagine yourself in an environment with diverse operating systems, servers, and applications with a legacy as well as in-house developed products and security solutions such as firewall, AV, etc. How do you plan to go ahead and pwn them all?

Learn to exploit and compromise targets where Metasploit will not work by default. Look inside exploit code, and tweak them to make it work against your targets. Perform a wide array of tricks to discover, enumerate and pwn services, systems, and domain controllers. Move around in an enterprise network with Active Directory. Analyze and exploit enterprise software components. Attack AI-based systems and leverage AI to your advantage in pentesting.

NOTE: This is an advanced training program. The participants are expected to be familiar with network services vulnerability assessment and penetration testing, including basic ideas about vulnerabilities and their exploitation techniques.

Advanced

Day-1&2

- Welcome & Knowledge sync
- Introduction & Lab setup
- Important keywords, methodologies & tools
- Leveraging AI for pentesting
- Exploiting hardened Web Apps
- Discovering endpoints
- WAF bypasses
- Advanced web hacking
- Manual exploit development & vulnerability chaining
- Evading network isolation
- Discovering backend systems
- Overcoming reverse shell/exfill obstacles
- Breaking security boundaries and gaining persistence
- Crossing isolation boundaries
- Obtaining higher privileges
- Gaining persistence

Day-2&3

- Active Directory
- Overview of AD
- Domain Controllers, FSMO roles, replication, service accounts, delegation, managed service accounts, etc.
- AD Reconnaissance
- LDAP queries, enumeration of users/groups, service accounts, ACLs, delegation rights, etc.
- Credential Extraction
- SAM, NTDS.dit, LSA Secrets, DPAPI, LSASS, in-memory, cached, process hooking, Credential Guard, etc.
- Lateral Movement
- Pass-the-Hash, Pass-the-Ticket, Kerberoasting, NTLM / SMB relay, DCSync, Golden Ticket, Silver Ticket, etc.
- Detection
- Logging, monitoring account changes, ACL modifications, service account password changes, etc.
- Hybrid
- Entra Reconnaissance
- Access Token Theft
- Sync

• A laptop with administrator privileges
• Minimum 50 GB of free hard disk space
• Minimum 8 GB RAM for virtual machines
• A laptop should have Wi-Fi capability
• Ability to connect USB Drives for transfer of VMs
• VM Player or VMWare Workstation or Oracle VirtualBox installed
• Administrative rights on the laptop to disable AV
• ARM/Apple Silicon (M) will be supported with x86/amd64 emulation which might be a bit slow

• Basic knowledge of TCP / IP network protocol
• Familiarity with virtualization tools like VMware / VirtualBox
• Experience with vulnerability assessment and penetration testing tools such as nmap, metasploit, Burp (or similar), netexec
• Familiarity with Web Application and basic Active Directory Security
• GitHub ID

• IT-Security practitioners (Penetration Tester, Security Analyst, Security Engineer)
• (Junior & Senior) Red-Teamers

• 3 intensive days of infrastructure penetration testing tools and techniques
• Practical exercises to strengthen your skills and deepen your knowledge
• Exploiting known and unknown vulnerabilities
• Developing custom exploits
• Real-world scenarios

• Slide-deck as cheat-sheet
• Access to repository with tasks and solutions

• This is not a beginner's course.
• Some labs used during the course will not be provided/accessible after the training.