Duration
20.0 hours
Regular fee
$250
Objectives of the training
The objective of this course is to deepen the essential techniques of attack on systems in Microsoft and enterprise environments in order to identify and understand the means of defense to implement.Targeted audience
Computer scientistsPrerequisite
Knowledge of system/network and Microsoft environments is required. Knowledge of the different steps of a penetration test is also recommended.Trainers
Upcoming information
Course architecture
Preparing for the initial access phases
• Objectives
• Introduction and terminology
• Study of operating sequences
• Focus on load types
• Creating different types of loads for operation
• Triggering loads
• Automating the operation
• Demonstration - Creating and integrating a load (part 1)
• Demonstration - Creating and integrating a load (part 2)
Positioning external attacker
• Objectives of the module
• Introduction to external attacks
• Social Engineering
• Search for identifiers on leaks databases
Internal attacker positioning
• Objectives of the module
• Introduction to internal attacks
• Study of Microsoft authentication protocols - part 1
• Study of Microsoft authentication protocols - part 2
• LLMNR and NBT-NS Poisoning (NTLM relay)
• Demonstration - SMB relay attack via LLMNR and Netbios
• Lab Statement - Relay SMB attack via LLMNR and NBT-NS
• Common vulnerabilities and exploits
Post-exploitation phases
• Objectives of the module
• Post-exploitation enumeration
• Demonstration - Presentation of enumeration tools
• Identification of attack paths (BloodHound)
• Demo - BloodHound Overview
• Obtaining additional credentials
• Demo - Extracting stored credentials
• Lecture - Obtaining additional credentials
• Pivoting
• Demo - Post-compromise Pivoting
• Practical Learning Statement - Pivoting
• Vertical Privilege Escalation
• Demo - Service Unquoted and DLL Hijacking
• Practical Learning Statement - Vertical Privilege Escalation
• Horizontal Privilege Escalation
• Demo - Horizontal Privilege Escalation Technique
• Practical Learning Statement - Horizontal Privilege Escalation
• Focus on industrial system security
Persistence
• Module objectives
• Golden Ticket / Silver Ticket
• Skeleton Key / Admin SDHolder
• DC Sync / DCShadow
• DSRM
• Statement of work - External intrusion
• Objectives
• Introduction and terminology
• Study of operating sequences
• Focus on load types
• Creating different types of loads for operation
• Triggering loads
• Automating the operation
• Demonstration - Creating and integrating a load (part 1)
• Demonstration - Creating and integrating a load (part 2)
Positioning external attacker
• Objectives of the module
• Introduction to external attacks
• Social Engineering
• Search for identifiers on leaks databases
Internal attacker positioning
• Objectives of the module
• Introduction to internal attacks
• Study of Microsoft authentication protocols - part 1
• Study of Microsoft authentication protocols - part 2
• LLMNR and NBT-NS Poisoning (NTLM relay)
• Demonstration - SMB relay attack via LLMNR and Netbios
• Lab Statement - Relay SMB attack via LLMNR and NBT-NS
• Common vulnerabilities and exploits
Post-exploitation phases
• Objectives of the module
• Post-exploitation enumeration
• Demonstration - Presentation of enumeration tools
• Identification of attack paths (BloodHound)
• Demo - BloodHound Overview
• Obtaining additional credentials
• Demo - Extracting stored credentials
• Lecture - Obtaining additional credentials
• Pivoting
• Demo - Post-compromise Pivoting
• Practical Learning Statement - Pivoting
• Vertical Privilege Escalation
• Demo - Service Unquoted and DLL Hijacking
• Practical Learning Statement - Vertical Privilege Escalation
• Horizontal Privilege Escalation
• Demo - Horizontal Privilege Escalation Technique
• Practical Learning Statement - Horizontal Privilege Escalation
• Focus on industrial system security
Persistence
• Module objectives
• Golden Ticket / Silver Ticket
• Skeleton Key / Admin SDHolder
• DC Sync / DCShadow
• DSRM
• Statement of work - External intrusion
Private or personalized training
If you have more than 8 people to sign up for a particular course, it can be delivered as a private session right at your offices. Contact us for more details.
Request a quoteDuration
20.0 hours
Regular fee
$250
Private or personalized training
If you have more than 8 people to sign up for a particular course, it can be delivered as a private session right at your offices. Contact us for more details.
Request a quote