Hacking Enterprises – 2021 Edition w/ Will Hunt and Owen Shearing – (16 Hours)

Hacking Enterprises – 2021 Edition w/ Will Hunt and Owen Shearing
4 Sessions – 4 Hour Classes

Instructors: Will Hunt and Owen Shearing

Price: $1,350

Includes: Six months of complimentary access to the Cyber Range

This is an immersive hands-on course aimed at a technical audience. Over the week we will fully compromise a simulated enterprise covering a multitude of TTPs. The training is based around modern operating systems, using modern techniques and emphasising the exploitation of configuration weaknesses rather than throwing traditional exploits. This means logical thinking and creativity will definitely be put to the test.

Students will access a cloud-based LAB configured with multiple networks, some easily accessible, others not so. Course material and exercise content has been designed to reflect real-world challenges and students will perform numerous hands-on exercises including executing exploitative phishing campaigns against our simulated users to gain access to new networks, in turn bringing new challenges including IPv6 exploitation, subverting AMSI and AWL, passphrase cracking, pivoting, lateral movement, OOB persistence mechanisms and much more!

We also like to do things with a difference. You’ll be provided access to an in LAB Elastic instance, where logs from all targets get pushed and processed. This allows you, whether an attacker or defender, to understand the types of artefacts your attacks leave and how you might catch or be caught in the real world.


This training is suited to a variety of students, including:

  • Penetration testers / Red Team operators
  • SOC analysts
  • Security professionals
  • IT Support, administrative and network personnel


  • A firm familiarity of Windows and Linux command line syntax
  • Understanding of networking concepts
  • Previous pentesting and/or SOC experience is advantageous, but not required


  • Students will need a laptop to which they have administrative/root access, running either Windows, Linux or Mac operating systems
  • Students will need to have access to VNC, SSH and OpenVPN clients on their laptop (these can be installed at the start of the training)


We realise that training courses are limited for time and therefore students are also provided with the following:
  • Completion certificate
  • 14-day extended LAB access after the course finishes
  • 14-day access to a CTF platform with subnets/hosts not seen during training!
  • Discord support channel access where our security consultants are available


Will Hunt
Will (@Stealthsploit) co-founded In.security in 2018. Will’s been in infosec for over a decade and has
helped secure many organisations through technical security services and training. Will’s delivered
hacking courses globally at several conferences including Black Hat and has spoken at various
conferences and events. Will also assists the UK government in various technical, educational and
advisory capacities. Before Will was a security consultant he was an experienced digital forensics
consultant and trainer.

Owen Shearing
Owen (@rebootuser) is a co-founder of In.security, a specialist cyber security consultancy offering
technical and training services based in the UK. He has a strong background in networking and IT
infrastructure, with well over a decade of experience in technical security roles. Owen has provided
technical training to a variety of audiences at bespoke events as well as Black Hat, Wild West Hackin’
Fest, NolaCon, 44CON and BruCON. He keeps projects at https://github.com/rebootuser.


Day 1 (4 hrs)

  • MITRE ATT&CK framework
  • Overview on using the in-LAB ELK stack
  • Offensive OSINT
  • Enumerating and exploiting IPv6 targets
  • Pivoting, routing, tunnelling and SOCKS proxies
  • Application enumeration and exploitation via pivots
  • Linux living off the land and post exploitation

Day 2 (4 hrs)

  • Kubernetes and container security
  • Exploitative phishing against our simulated enterprise users
  • Living off the land tricks and techniques in Windows
  • [email protected] and [email protected] cracking
  • Windows exploitation and privilege escalation techniques

Day 3 (4 hrs)

  • Windows Defender/AMSI and UAC bypasses
  • Situational awareness and domain reconnaissance
  • RDP hijacking

Day 4 (4 hrs)

  • Bypassing AWL (AppLocker, PowerShell CLM and Group Policy)
  • Extracting LAPS secrets
  • Lateral movement for domain trust exploitation
  • WMI Event Subscriptions for persistence
  • Out of Band (OOB) data exfiltration
  • Domain Fronting and C2

* Some exercise content may be in the form of a demo if/when time requires


Keep an eye on this page and the training schedule for details regarding when this course may run.

Join the Wild West Hackin’ Fest Discord server to stay updated on future training and webcasts: Join Our Server!