Cyber Security Expert Hacking Foundation (5 days)
Cyber security and hacking know how for information security officers and penetration testers (in German language)
Our 5-day "Expert Hacking Foundation" seminar, gives you a unique insight into the motives, tactics, techniques and procedures (TTP) of attackers in an intensive workshop. The course delves deep into all current topics and leaves nothing to be desired. You should already have a basic knowledge of Windows system administration, TCP/IP-based networks and web applications in order to gain maximum benefits from this seminar. Programming knowledge is helpful but not required.
Your Benefit
IT systems and IT infrastructures are under threat in many different ways. It's no longer sufficient to keep an eye on firewalls and virus protection. Modern malware cleverly disguises itself from virus scanners. Networks are attacked and sniffed. Vulnerabilities in Windows servers and web applications are ruthlessly exploited. Insecure or incorrectly configured wireless LAN networks serve as a gateway past the firewall. As a defender, you must recognize and close all weaknesses. An attacker, on the other side, only has to find a single open vulnerability and can cause a great deal of damage.
The course focuses on providing important technical background details on hacking tools and exploits. In addition to the tactics and procedures of current attacks, you learn how to use common hacking tools and many different techniques to test the security of your systems and improve protective measures.
Target
This course is aimed at
- system administrators
- network administrators
- web administrations
- information security officers
- information security consultants
in companies that want to look into information security risks from the attacker's perspective to protect their servers and their company against attacks even better.
Course Dates
Our next course dates:
26.08. - 30.08.2024 | Hybrid: classroom in Munich and virtual classroom (VCL) | 4.034,10 € incl. VAT |
14.10. - 18.10.2024 | Hybrid: classroom in Munich and virtual classroom (VCL) | 4.034,10 € incl. VAT |
09.12. - 13.12.2024 | Hybrid: classroom in Munich and virtual classroom (VCL) | 4.034,10 € incl. VAT |
Please contact us.
Agenda
Day 1
- Legal assessment of hacking
- Criminal assessment of hacking
- German criminal code § 202c and self protection
- International law
- Methodology and motives of attackers
- Motives of different attackers
- Hacking Methodology
- Tactics, technics and procedures (TTPs) of attackers
- Hacking cycle
- Cyber kill chain
- MITRE ATT&ACK
- CVE and CVSS
- Most common vulnerabilities and programming issues
- OWASP TOP 10 vulnerabilities
- Lab:
- Evaluation of vulnerabilies with CVE and CVSS
- Attribution of attacks with MITRE ATT&CK
- Searching for exploits for existing vulnerabilities
- Accessing the Darknet with the TOR-Browser
- Linux Hacking Distributions
- Kali Linux
- Lab:
- Optional installation of Kali Linux
- Information Gathering (Footprinting)
- Reconnaissance with publicly accessible information
- Sensitive data in search engines
- Google dorks
- Lab:
- Identification of possible victims through DNS
- Lookup of IP addresses in the RIPE database
- Usage of crafted Google and Bing search requests to gather information
- Usage of online services to gather information (Netcraft, Robtex)
Day 2
- Port scanning
- Different scanning techniques
- Portscanning and fingerprinting
- Portscanning with Nmap
- Scanning with ike-scan and SNMPscan
- Lab:
- Sweep scanning with Nmap
- TCP portscanning with Nmap
- UDP portscanning with Nmap
- Using different scanning options (e.g. -O -A -F)
- Alternatives to Nmap (SuperScan, Unicorn Scanner)
- Traceroute with Nping
- Vulnerability Scanning
- Vulnerability Scanning with Nessus
- Analysis of the scanner results and service specific vulnerabilties
- Lab:
- Installation of Nessus
- Configuration of Nessus scan profiles
- Vulnerability scanning with Nessus
- Analysis of the results
- Technical background of exploits
- Buffer overflows and protection mechanisms
- Race conditions
- Exploits and exploit frameworks
- Web pages with exploits (Exploit DB et. al.)
- Exploit frameworks
- Working with Metasploit
- Post exploitation with Metasploit
- Lab:
- Using the output of Nmap and Nessus to find and prepare exploits
- Usage of exploits to break into Windows 10
- Usage of post exploitation modules in Meterpreter
- SAM extraction with Mimikatz
- Password cracking with John the Ripper and Cain&Abel
Day 3
- Social Engineering
- Introduction to Social Engineering
- Lab:
- Social engineering with Gophish
- Viruses, trojans and malware
- Creating viruses and trojans
- Client-side exploits
- Botnets
- Vulnerabilities in malware scanners
- Lab:
- Testing suspicious programs with Virustotal.com
- Ceating and camouflaging malware, based on Netbus
- Modifying malware to deceive anti-virus scanners
- Creating trojans from harmless software with msfvenom
- Embedding malware in PDF
- Embedding the Meterpreter as macro in a word document
- Hacking Hardware
- Hardware keyloggers
- Malicious USB sticks
- Lab (only in classroom courses):
- Hardware keyloggers
- Rubber Ducky
- Attacking Windows
- Enumeration of Windows users and services
- Vulnerabilities in secondary name services and NetBIOS
- Extracting passwords and lateral movement (with Mimikatz)
- Cleaning up and installing backdoors
- Lab:
- Windows enumeration with SuperScan
- Extracting the LSA cache with Cain&Abel
- Extracing the SAM and logon passwords with Mimikatz
- Cracking password hashes
- Attacking Windows server services
- Exploitation of misconfigured services and applications
- Attacks agains Microsoft SQL server
- attacks against Active Directory domain controllers (DSInternals, BloodHound)
- Pass-the-hash attacks
- Offline attacks
- Lab:
- Offline attack against Active Directory with DSInternals
- Pass-the-hash attack with Metasploit
- AD security analysis with BloodHound
Day 4
- Attacking networks
- ARP spoofing
- Man-in-the-middle attacks
- Eavesdropping of passwords
- Password cracking
- Lab:
- ARP spoofing with Cain&Abel
- ARP spoofing with Bettercap
- Sniffing with Cain&Abel and Wireshark
- DoS-/DDoS attacks
- Denial-of-service attacks
- Distributed denial-of-service attacks
- Amplification attacks
- Lab:
- Denial-of-service attack with Mausezahn
- Wireless LAN hacking
- WEP cracking
- WPA/WPA2 cracking
- Sercurity of WPA3
- Lab:
- WLAN analysis with Kismet
- Eavesdropping with airodump-ng
- Replay attacks with aireplay-ng
- WEP cracking with aircrack-ng
- WPA cracking with Hashdump
Day 5
- Attacking web applications
- Security analysis of web applications
- OWASP Top 10
- Secure TLS encryption
- SQL injection
- CommandiInjection
- Cross site scripting and cross site request forgery
- Lab:
- Attacks against web applications with the OWASP Zed Attack Proxy (ZAP)
- Fuzzing of fields in forms with OWASP Zed Attack Proxy (ZAP)
- Explication of attacks with DVWA
- Detection and exploitation of cross site scripting (XSS) vulnerabilities
- Detection and exploitation of SQL injection vulnerabilities
- Extraction of SQL databases with sqlmap
- Security analysis of Wordpress with WPscan
- Brute force attacks against web applications with Hydra
- Attacking mobile devices
- Mobile hacking
- Malicious apps
- Attacking Android
- Current news and trends
- Current risks and issues
- Looking into the future
Course Material and Practical Labs
Each participant receives the course material (~ 900 pages) completely with training presentation and supplementary explanations as well as the lab guide (~ 100 pages), both completely in German language. The training materials are continuously updated and corrected to reflect current topics.
All hacking tools are used in Labs in an environment with different virtual machines. In particular all the attacks discussed can also be actively tested and executed. The lab part of the seminar is approx. 50%.
Each participant will also receive a download link with all hacking tools so that they can try out attacks on their own systems.
Your Trainer
All seminars are conducted by experienced penetration testers who contribute their years of experience to this course.