Train in the Trenches

This is an instructor-led course that will teach students to recognize potential exploitation paths through a series of structured labs that simulate common attacks performed by penetration testers. Through a series of step-by-step simulated attacks, the instructor provides students insight into the attack methodology, possible outcomes, and suggested mitigation steps. The training is perfect for Network Administrators, Security Analysts, and IT Managers to be proactive in monitoring, identifying, and mitigating malicious activity in a typical network.

Exploitation scenarios:

• Wireless HID Device Attacks
• Cross-Site Scripting
• Hash Cracking
• Hash Relay Attacks
• Session Cookie Manipulation
• Attacking WordPress
• MFP Printer Attacks
• Reverse Command Shells
• Windows Privilege Escalation
• Configuration Vulnerabilities
• Process Injection
• Maintaining Persistence
• Linux Privilege Escalation
• FreeNAS Privilege Escalation

Dedicated virtual lab:

• Windows Active Directory
• Windows Server 2019 Member Servers
• Windows 10 Workstations
• Ubuntu Linux Desktop and Servers
• FreeNAS Server
• Firebird Database
• MS SQL Server 2017 Database
• MS Exchange 2016 with Outlook Web Access
• PfSense Firewall to simulate attacks from the Internet

Tools used:

• Metasploit Framework
• Hashcat, Pypykatz, Wifite, Dirb
• Bloodhound, Responder, Mitm6, NTLMRelayx, Secretsdump
• Burp Suite
• Microsoft PsTools
• DBG Custom Tools

Instructor: Ryan Primeau

Cost: $2,750.00 + applicable taxes

Upcoming Dates: September 24-26, 2024 & October 29-31, 2024

There is a limited number of seats available for each training session to maintain the quality of the session.

You will learn in a dedicated virtual lab that resembles a real-world network, which includes Active Directory and common server and workstation configurations. We start by learning common exploitation techniques using Kali Linux and common administration tools, followed by implementing effective countermeasures to defend against these common attacks, tools, and techniques. Finally, you will apply operating system and Active Directory hardening techniques, mitigate legacy software risks, and design tolerant networks that are resistant to present and future threats.

Dedicated virtual lab:

• Windows 10 Workstation
• Windows Server
• Microsoft Windows SQL Server
• Microsoft Exchange Server
• Active Directory
• Open Source Firewall
• Open Source Proxy Server
• Open Source Intrusion Detection
• Log Collection & Analysis
• Kali Linux

Hardening scenarios:

• Common Exploitation Techniques
• Windows Event Auditing
• Active Directory Group Policies
• Account & Password Security
• Host Firewall Configuration
• Software Restriction Policy
• Oracle Java Deployment Ruleset
• Proxy Server & Firewall
• Log Monitoring and Alerting
• SNORT intrusion detection

Final Lab:

Students will take what they have learned during the course and apply it to a test network that mirrors the main virtual lab. This will include running automated attacks to test the implementation of:

• Network intrusion detection, logging, and alerting
• Core hardening concepts for Windows hosts

Instructor: Matthew Brown

Cost: $3275.00 + applicable taxes or
$1500.00 + applicable taxes (Self-paced training)

Upcoming Dates: September 17-20, 2024 & October 22-25, 2024

There is a limited number of seats available for each training session to maintain the quality of the session.