Course Title: Hacking Enterprises
Instructors: Will Hunt and Owen Shearing
Includes: Live training, online lab environment, PDF of slides, PDF walkthroughs of all hands-on lab exercises, multiple PDF cheat sheets for quick reference, 14-day lab extended access after training ends, 14-day access to post-training CTF, Hak5 LAN Turtle and RTFM, Slack support channel access, completion certificate
This is an immersive hands-on course simulating a full scale multi-faceted penetration test. Over the two days, we will fully compromise a simulated enterprise covering a multitude of TTPs. The training uses modern operating systems and techniques, emphasising the exploitation of configuration weaknesses rather than throwing traditional exploits. This means logical thinking and creativity will definitely be put to the test.
Students will access a cloud-based LAB configured with multiple networks, some easily accessible, others not so. Course material and exercise content has been designed to reflect real-world challenges, and students will perform numerous hands-on exercises including using OSINT skills to retrieve useful data, perform host/service enumeration and exploitation as well as perform phishing attacks against our live in-LAB users to gain access to new networks, bringing new challenges and in the process teaching new sets of skills in post-exploitation, network reconnaissance, lateral movement and data exfiltration.
We also like to do things with a difference. You’ll be provided access to an in-LAB Elastic instance, where logs from all targets get pushed and processed. This allows you, whether an attacker or defender, to understand the types of artefacts your attacks leave and how you might catch or be caught in the real word.
We know two days isn’t a lot of time, so you’ll also get 14-days free lab time after class to continue practicing, Slack channel access, swag and a CTF containing hosts/subnets not seen during training!
- Students will learn how to approach and tackle a complex multi-faceted penetration test
- A non-linear training environment means students will learn multiple ways of achieving adversarial objectives
- Students will gain hands-on experience executing phishing campaigns against our simulated enterprise users
- Multiple isolated networks with varying degrees of access provide real-life experience of enumeration, situational awareness, pivoting, lateral movement and persistence within an enterprise
- Students will walk away understanding why they are carrying out a task in a certain way rather than blindly running tools because they work
WHO SHOULD TAKE THIS COURSE
- Penetration Testers / Red Teamers
- SOC Analysts
- IT Admin/Network Support Personnel
AUDIENCE SKILL LEVEL
This is a fast-paced intermediate level course. It is best suited for technical security-related roles with prior pentesting experience; however, individuals with more experience will still benefit greatly. The course is not suited to individuals who have never used/not comfortable with Windows/Linux command line use.
- Laptop (Windows/Mac/Linux) with administrative/root access
- VNC viewer, SSH and OpenVPN clients installed
- Internet access
WHAT A STUDENT SHOULD BRING
Students will need a laptop with software installed, as detailed under the “Student Requirements” heading. All lab material will be supplied via virtual delivery methods and, as the lab is cloud based, a stable Internet access should be available.
WHAT STUDENTS WILL BE PROVIDED WITH
Students will be provided with individual course setup instructions for their relevant infrastructure, PDFs of the course slides, walkthroughs of lab exercises and multiple cheat sheets for quick reference. Students will receive 14-days extended lab access after training ends including access to a CTF with hosts/subnets not seen during training. A completion certificate will be available, and students will receive a free hack pack containing a Hak5 LAN Turtle and RTFM and Slack support channel access.
Will Hunt (@Stealthsploit) is a cyber security consultant who has worked in IT security for over 12 years. He co-founded In.security, a specialist cyber security company delivering high-end consultancy and training services. He’s delivered hacking courses at Black Hat USA/EU, Wild West Hackin’ Fest, NolaCon, 44CON and others, and has spoken at various conferences and events. Will also assists the UK government in various technical, educational and advisory capacities. Before Will was a security consultant, he was an experienced digital forensics consultant and trainer.
Owen Shearing (@rebootuser) is a co-founder of In.security, a specialist cyber security consultancy offering technical and training services based in the UK. Owen has worked in IT for over 15 years, the latter 8 of which have been offensive security focused. He is a CREST CCT level security consultant with a strong background in networking and IT infrastructure, and he has provided technical training to a variety of audiences at bespoke events and various conferences including Black Hat Asia/USA/EU, Wild West Hackin’ Fest and NolaCon. He keeps projects at https://github.com/rebootuser.
Join the Wild West Hackin’ Fest Discord server to stay updated on future training and webcasts: Join Our Server!