This four-day course introduces a tactical approach that does not rely on exploiting known vulnerabilities. Using a combination of new tools and lesser-known techniques, participants will learn how hackers compromise Windows and Unix systems without depending on standard exploits. The class alternates between theory and hands-on testing, providing students with an opportunity to put their new skills to the test. Course content features the latest security practices including Windows 2016 and additional WMI-based techniques.
Learning Objectives
Windows
Introductory Concepts and Thinking Like an Attacker
Host Recon
Privilege Escalation
Key Decoding
Persistence
Network Recon
Lateral Movement
Unix
Leveraging Trusts & Lateral Movement
Kerberos Inherent Weaknesses
SSH Abuse
LD_PRELOAD Tricks
PAM Trojaning
X11 Attacks
A windows based virtual machine is provided for each student to connect to via the Remote Desktop Protocol (RDP).