CanSecWest: Security Masters Dojo Vancouver
Advanced Penetration Testing with Metasploit
Register for March 8-9 Course
Picking up where the introductory Penetration Testing with Metasploit course left off, this course goes beyond the pentesting methodology of discovering and exploiting low-hanging fruit such as missing Windows patches and default passwords. In this course we will dive deeper into finding vulnerabilities when your vulnerability scanners are coming up with no findings. We will look at client-side attacks, social engineering campaigns, and web application attack vectors. We will delve deep into post-exploitation techniques such as pivoting and lateral movement, local information gathering, and persistence. We will also spend some time on avoiding detection, such as bypassing antivirus and perimeter filtering. This course will use the Metasploit Framework extensively, as well as several supporting tools in Kali Linux. We will also learn the basics of writing our own exploits manually and porting publicly available exploits to meet our needs, rather than relying solely on the exploits in Metasploit and other exploitation tools.
PREREQUISITE WARNING
Each class has prerequisites for software loads, and a laptop is mandatory. These individual class guides list the material students are expected to have knowledge of coming in and the software tools that need to be pre-installed before attending, so you get the maximum benefit from the focused intermediate- or advanced-level course. Please pay particular attention to the prerequisites, as the material listed there will not be reviewed in the courses and will be necessary to get the maximum benefit out of these educational programs.
- Turning local user exploitation into Domain Administrator privileges.
- Backdooring a binary for a social engineering attack that avoids detection by host-based antivirus.
- Writing an exploit for a vulnerability by hand.
- Dealing with port filtering, non-routable networks, and content inspection filtering.
- Learn techniques for what to do after you get access to a system.
- Learn how to avoid detection by commonly deployed malware detection and intrusion detection methods.
- Learn how to discover vulnerabilities when vulnerability scans are coming up clean.
- Learn how to write basic exploits by hand rather than relying on a tool.
- Gain additional familiarity with pentesting tools, techniques, and methodologies.
Prerequisites
This class will assume basic pentesting knowledge and basic Metasploit syntax. Time will be spent at the beginning of class reviewing these concepts briefly, but we will quickly dive into more advanced material. If you are unsure of your level of preparation, this introductory self-paced, on-demand online course will more than prepare you for this course: http://www.bulbsecurity.com/online-security-training/virtual-live/penetration-testing-level-1-pentesting-with-metasploit-on-demand/. If you are familiar with the basics of that course outline, you should be ready to dive into this more challenging, intensive course.
What to bring
- Laptop with enough RAM and CPU power to run 2 virtual machines simultaneously.
- VMware virtualization product (Fusion, Workstation, Player). Trial versions are fine.
- Windows XP SP3 unpatched and Windows 7 SP1 fully patched. Trial versions are fine as long as they don't expire during the class. ISOs and VMs can be found in a variety of locations. If you have trouble locating an ISO or trial version, contact the instructor for guidance.
- Registered students will be contacted prior to the course with instructions for additional setup steps for these Windows VMs.
- Kali Linux virtual machine from kali.org.
Students Will Be Presented With
- Windows virtual machine setup guide
- Vulnerable software to exploit
- Additional targets in a CTF lab such as domain controllers and web application servers
Day 1:
- Review of basics of pentesting and using tools such as Metasploit
- Client side attacks
- Social engineering
- Web application attack vectors
- Exploiting networking devices
- Post-exploitation
- Post-exploitation continued
- Avoiding detection
- Exploit development
- Attacking mobile devices
- Lab time with additional targets *