Pentesting and Exploiting Corporate Infrastructure
This is a hands-on training on pentesting and exploiting corporate infrastructure. The training starts with the basics of networking and then moves into scanning, enumeration, exploitation and post-exploitation.
The training includes recent vulnerabilities such as Shellshock, Heartbleed and POODLE. There will be a lot of shell popping during the attacks. The lab contains multiple vulnerable applications on various platforms such as Windows and Linux.
The course covers multiple vulnerabilities, ranging from service-level issues (FTP, SSH, etc.) to web application vulnerabilities such as LFI, RFI and Remote Code Execution, which allow an attacker to compromise a machine and ultimately move on to the next network. Private networks sit behind firewalls, so you will learn how to exploit and attack machines in the private network using public-facing servers.
There is a section on Python scripting, in which attendees learn to write basic Python scripts to perform attacks; Metasploit is used for some of the more complex attack scenarios. There is also a session on shellcoding, which covers writing your own shellcode and customising publicly available shellcode for fun and profit. The training follows a CTF approach to compromising the machines. It contains over 50 labs and 30+ challenges inspired by real-world vulnerabilities and case studies.
Training Outline:
- Introduction
- Information Gathering
- Network Scanning
- Port Scanning
- Enumeration
- Python Scripting
  - Learn the basics of Python scripting
- Buffer Overflow
- Shellcoding
  - Write your first shellcode
  - Customise shellcode for fun and profit!
- Denial-of-Service Attacks
- Man-in-the-Middle Attacks
- Post Exploitation
- Privilege Escalation
- Metasploit
- Pentesting Linux
  - Identifying Vulnerable Programs
  - Service Misconfigurations
  - Weak File Permissions
- Pentesting Windows
  - Software Misconfigurations
  - UAC Bypass
  - Using PowerShell in Post Exploitation Scenarios
- Pentesting Routers
  - Default Credentials
  - Attacking SNMP
  - Attacking Web Admin Interfaces
- Antivirus Evasion
- Firewall Evasion
- Port Forwarding and Tunneling
- DLL Hijacking
  - Stripping Manifest Files
  - Dumping DLL Exports
- Server Side Exploitation
- Client Side Attacks
- Password Attacks
- Web Application Attacks
  - Cross Site Scripting
    - Reflected XSS, Stored XSS, DOM-based XSS
    - From XSS to a Fully Compromised Remote System
  - SQL Injection
    - Union-based SQL Injection, Error-based SQL Injection, Blind SQL Injection
    - From SQL Injection to a shell and on to a Fully Compromised Remote System
  - Path Traversal
  - Local File Inclusion
  - Remote File Inclusion
  - Remote Code Execution
  - Arbitrary File Upload
  - Command Injection
  - Webshells
  - Meterpreter session on the box
- Hacking CMS - WordPress, Drupal, Joomla
- Hacking Databases - MySQL, SQL Server, Oracle, Postgres
- Hacking MongoDB
- Insecure System Configuration
  - distcc
  - FTP
  - NTP
  - VNC
  - SNMP
  - WebDAV
  - Samba
- SMTP Vulnerabilities
- SSH Vulnerabilities
- SSL 2.0 Vulnerabilities
- Shellshock vulnerability
- Heartbleed vulnerability
- POODLE vulnerability
- JSON Web Token
- and many more…
Lab:
- The lab contains multiple networks, each with multiple vulnerable machines
- The lab network contains a large number of machines that range in difficulty
- Private networks are not directly routable from the public network, but the public network is routable from all other networks. So, to attack the private networks, you first have to compromise machines on the public network
- Private networks sit behind firewalls
- Vulnerable machines are based on real-world examples and case studies
Upon completion of this training:
- Attendees will have been introduced to the world of pentesting and exploiting corporate networks
- They will be able to perform vulnerability assessment and exploitation on networks and applications, covering both client-side and server-side attacks
- They will know how to exploit and attack machines in the private network using public-facing servers
- They will be able to write simple Python scripts/tools and modify publicly available exploit code as required during a pentest
- They will be able to customise shellcode for fun and profit!
- They will have learned antivirus evasion, UAC bypassing and firewall bypassing using tunneling techniques
Attendees will be provided with:
- Multiple vulnerable machines and applications in the whole network
- Hosted VMs for testing and training labs
- Over 50 labs and 30+ challenges to solve
- Training materials – presentation materials and lab examples
- Custom tools and scripts
- Additional reading materials
Attendee requirements for this training:
- Modern laptop with wired or wireless networking capabilities
- VMware Workstation / Fusion installed
Pre-requisites:
This course requires the following pre-requisites:
- Basic Networking knowledge
- Basic Linux Skills
- Scripting knowledge in Python (Optional)
Who should attend this training?
- Penetration Testers
- Security Consultants
- Web Developers
- QA testers
- Web Application Testers
- System administrators
- IT Security professionals with a technical background
- IT managers
- System architects
- Bug Bounty Hunters
Why is your material different?
- The lab contains multiple networks, each with multiple vulnerable machines. Private networks are not directly routable from the public network, but the public network is routable from all other networks. So, to attack the private networks, you first have to compromise machines on the public network.
- There will be a lot of shell popping during the attacks. The lab contains multiple vulnerable applications on various platforms such as Windows and Linux.
- The training covers multiple vulnerabilities, ranging from service-level issues (FTP, SSH, etc.) to web application vulnerabilities such as LFI, RFI and Remote Code Execution, which allow an attacker to compromise a machine and ultimately move on to the next network.
- The training includes basic Python scripting, usage of Metasploit, firewall bypassing, antivirus evasion and modification of shellcode for fun and profit!
- There are over 50 labs and 30+ challenges inspired by real-world vulnerabilities and case studies.
Training Days – 4 Days
Bio:
Vikram is an Information Security Researcher, Consultant and the Founder of Vmaskers. Vmaskers provides network, wireless, web, Android and iOS application penetration testing services and training for corporates. His main responsibilities are to look after application security, lead security automation and provide training. He has also developed several internal security tools for the organisation to handle security issues. Vmaskers provides training for organisations' internal teams, including developers and penetration testers, to improve the quality of their applications. He has also discovered serious web application security flaws in many well-known products all over the world. He enjoys finding and exploiting software vulnerabilities via reverse engineering, source code auditing and fuzzing. His research focuses primarily on web, Android and iOS application pentesting. He is responsible for pentesting, code review and security certification of hybrid mobile applications, and for breaking and fixing business-critical web applications, web services and client-facing applications built with HTML5 and JS. He has previously delivered training at CHCon and will be training at OWASP Morocco.