Security Masters Dojo

Advanced and intermediate security training and technology enhancement for information security professionals.

CanSecWest: Security Masters Dojo Vancouver

Pentesting and Exploiting Highly Secured Enterprise Networks

Register for the March 10-13, 4-day course

Instructor(s):
Vikram Salunke @vikramsalunke20

Description

Pentesting and Exploiting Highly Secured Enterprise Networks is an action-packed, hands-on class, giving attendees a chance to perform real-world exploitation on Enterprise network scenarios, accompanied by practical lab exercises in a CTF-style format. The course goes far beyond simple exploitation of low-hanging fruit, and shows pentesters how to apply the abilities of an advanced attacker: finding flaws in secured networks and calculating the business risk associated with these flaws.

This training is intended for senior/experienced pentesters. Just running a vulnerability scanner and submitting its output as your report provides no real benefit to a company. This course goes far beyond your traditional pentesting courses. Real-world Enterprise networks are much more complex in nature, needing your special attention in choosing the techniques and tools that you use in order to infiltrate. A senior penetration tester must succeed where others fail. A senior pentester doesn't give up when a particular exploit is not working; they analyse the exploit and make modifications as necessary. They should think outside the box and come up with solutions to complex problems. They must have knowledge of all domains, with skills ranging from network attacks, web attacks and scripting to system exploitation.

This training is a result of years of pentesting experience compromising some of the most highly secured networks, combined into one practical and hands-on class. This course provides in-depth knowledge of the most powerful attack vectors and provides labs to perform these attacks in numerous hands-on scenarios.

Because automation of tools is essential due to time constraints, we have included a module on Python to automate the testing of systems, services, and applications. Multiple Python modules, libraries, and debugging tools have already been written to help simplify and automate fuzzing and research. In order to reach the next level in penetration testing, one must embrace the idea of adding programming to their penetration testing toolkit. Once this power is obtained, tools can be written and shared, allowing you to build up an arsenal for reconnaissance, scanning, fuzzing, and exploitation.

Metasploit and other third-party tools are easily detected by modern security solutions, as they have been fingerprinted quite well, so it is not possible to emulate a modern, powerful adversary using these tools alone; custom code is needed. When we use custom code that is target-specific, there is no mass deployment, so antivirus vendors do not have signatures for it. Building custom scripts also helps in bypassing firewalls and IDS/IPS and in evading AV. Custom scripts help in post-exploitation tasks such as listing patches, listing users, listing accounts in Active Directory, pulling passwords with mimikatz, bypassing UAC, etc. When you are attacking, it is useful to load code into a remote process and have it execute within that process's context. For this we will use DLL injection: we will write a DLL injector in Python, which will help us evade firewalls.

As a pentester you need to be familiar with how to edit, modify and execute shellcode, and be able to understand how exploits work. There are a few scripts online which can cause harm to your system, so you need to know how a script works before running it. Metasploit's XOR and shikata_ga_nai encoders are quite well detected by antivirus, so we will write our own custom encoders to evade antivirus, and we will use polymorphic engines, which are quite difficult to detect and fingerprint.

We will build Command and Control (C2) infrastructure, because a network intrusion may be detected and the compromised system patched, and some exploits only work once, so access must survive a reboot. The C2 will be stealthy to avoid detection by IDS, persistent to survive reboots, encrypted for secure communication, and designed to minimise the possibility of firewall interference.

This training has been taken by 1000+ security professionals and red team members worldwide to advance their pentesting and exploitation skills, and we have received extremely positive feedback.

The lab has real-world remote Enterprise networks, including different flavours of operating system such as Windows and Linux. The lab contains real-world firewalls, IDS/IPS, DMZs, load balancers, web application firewalls, Active Directory, etc. This course is for you if you want to pentest and exploit highly secured Enterprise networks using cutting-edge techniques. The training includes 50+ labs and 30+ challenges inspired by real-world vulnerabilities and case studies. After the training, attendees will get 1 month of remote lab access free, with an additional 20 challenges, 5+ hours of HD videos walking through the training, and pre-access to videos on basic Assembly Language and Python Scripting which will help them in class.

Key Learning Objectives:

Training Outline:

Day 1:

Day 2:

Day 3:

Day 4:

Attendee requirements for this training:

Pre-requisites:

Who should attend this training: