About the course

The Summer Infrastructure Pentesting Bootcamp is an intensive, five-day training program running from August 19th to August 23rd, 2024, designed for cybersecurity professionals, IT professionals and IT geeks.
This hands-on course, offering 7.5 hours of daily training, focuses on advanced techniques in network defense, vulnerability hunting, and exploitation, specifically targeting Active Directory and Windows services. Ideal for penetration testers, security analysts, and IT administrators, the bootcamp provides practical experience with the latest cybersecurity tools and methodologies, ensuring participants can effectively enhance organizational security against sophisticated cyber threats.

Who is it for

• Penetration Tester: Experienced in performing authorized simulated attacks to identify vulnerabilities and seeking to deepen your skills in advanced network and system exploitation.
• Security Analyst: Responsible for monitoring, analyzing, and defending against security threats and looking to enhance your ability to identify and mitigate complex vulnerabilities.
• IT Professional: Managing and securing IT infrastructure, eager to learn cutting-edge techniques to protect your organization’s assets from sophisticated cyber attacks.
• Cybersecurity Professional: Focused on safeguarding organizational data and systems, aiming to stay ahead of the latest threats and improve your defensive strategies.
• Geeks with an IT Background: Excited to start an adventure in the cybersecurity pentesting field, ready to dive deep into hands-on learning and practical application of advanced pentesting techniques

Agenda

DAY 1: Mastering Reconnaissance and Enumeration

• Module 1. Reconnaissance Techniques
• Module 2: Operating system oriented environment enumeration

DAY 2: Mastering Hunting for Vulnerabilities

• Module 3: Hunting for Vulnerabilities

DAY 3: Mastering identity attacks and protocol flows

• Module 4: Attacks on NTLM: Execution and Mitigations
• Module 5: Attacks on Kerberos authentication: Execution and Mitigations
• Module 6: Attacks against Kerberos tickets: Execution and Mitigations

DAY 4: Advanced attacks on Active Directory and Entra ID

• Module 7: Advanced AD Attacks: Execution and Mitigations
• Module 8: Azure and Entra ID pivoting

DAY 5: Mastering Enterprise Exploitation, PostExploitation and Pivoting

• Module 9: Mastering Exploitation of Enterprise Services/li>
• Module 10: Mastering Persistence and Lateral Movement

Tečaj bo potekal online in v angleškem jeziku.

Predavatelji: Paula Januszkiewicz, Mike Jankowski-Lorek Ph.D., Michael Grafnetter, Marcin Kozłowski, Mateusz Ziebura

Erly bird ponudba, ki bo trajala do 2. avgusta 2024: 2.950,00 € + DDV Več o vsebini tečaja