Hacking by Numbers Reloaded - Black Ops

SensePost | August 4-5

On This Page


This course forms part of SensePost's new Hacking by Numbers Reloaded training series.

BlackOps is the penetration-testing course. This is not your average point and click pwnage course, but a course designed and developed based upon real-world field experience using real world tools and techniques.

The students will be instructed on how to generate an appropriate payload, gain remote access (bypassing inbound/outbound protection mechanisms), and persist on the target box or network. This course touches upon the latest tools and techniques aiding data harvesting, exfiltration, pivoting, privilege escalation, HIPS evasion, persistence, client-side attacks, and OSINT.

This year we’ve added additional modules that look at how you’d tackle large infrastructure penetration tests (seeing the wood through the trees), a monster section on stalking people using OSINT approaches, and a section on real-world malware techniques/types, AV bypassing, data harvesting and extrusion techniques used in the wild. Finally our last module is a no-holds barred module where you need to stalk, social engineer, exploit and exfiltrate data from a suspected bad guy using the techniques learned throughout the course.

For more information on SensePost courses at Black Hat, please visit: http://www.sensepost.com/blackhat

Day One
Non-Standard Targeting

• IPV6, mDNS/DNS, creative traceroute, rapid reconnaissanceCompromise

• Remote vulnerability identification exploitation and post exploitation SSL/MITM, WPAD, IPv6 attacks, smbrelaying, crypto attacks against obfuscated credentials.Privilege Escalation

• Going from local user to enterprise admin using exploits and standard OS tools.Persistence

• Ensuring post exploitation repeats access to resources.
Day TwoPivoting

• Bouncing through machines inside corporate LAN to get to the good stuff.Open Source Intelligence

• Finding your target:HIPS Evasion
• Hiding AVs and smart traffic filtering device such as FireEye.Client-side exploitation

• Compromising the receptionist’s PC, and using that as a pivot point.

The students will have the opportunity to dig in and play around with client side tools like; Andromeda, Alueron (KINS), vSkimmer, Wildlife exploit packs, file format attack vectors (pdf, doc), generate custom and advanced payloads with MASM and Metasploit Framework and more.

Each section follows with a practical whereby students are required to capture the flag using the techniques they have just learned. Standard BlackHat coffee and lunch breaks are followed.

BlackOps takes all the skills you’ve already acquired (maybe from out Bootcamp course, but it’s not a prerequisite) and puts them into action. We look at what you do once you’ve found vulnerability from a pre/post exploitation point of view and also how you’d get data out without tripping any alarms. It’s the final course before going into our hardest HBN course: Combat

Who Should Take This Course

BlackOps designed for network administrators, security professionals and IT security enthusiasts who have a need to acquaint themselves with the real-world offensive penetration testing techniques, tactics and tools.

Black Ops naturally follows directly from our Bootcamp courses and prepares students for HBN Combat - our ultimate hands-on course. Students need to ensure they have the necessary level of skill associated with previous experience as a penetration tester or similar hacking skills. Although prior participation in an HBN course is not a prerequisite, significant exposure to hacking training, tools and techniques is highly recommended.

Student Requirements

Students need to ensure they have the necessary level of skill. No hacking experience is required for this course, but a solid technical grounding is an absolute must. Students are expected to be versed in basic programming or scripting, networking and Internet technologies, 'nix and Windows operating systems, basic SQL and database technologies. No advanced skills are required, but students without a good, practical knowledge of these areas will fall behind in this fast-paced class. Students without the requisite technical skills are encouraged to consider our Hacking by Number Reloaded - Cadet course, which can be completed online prior to Black Hat USA.

What Students Should Bring

Enthusiasm and a desire to learn, hack, and have fun.

Students are required to bring their own laptop for this course with the ability to boot Kali Linux from a flash drive.

• at least 4GB ram
• 20 GB of free hard drive space
• wired and wireless network support
• USB 3.0 (although 2.0 will suffice)

What Students Will Be Provided With

We will provide a USB drive with all the tools used, course handbook and slides.


All of SensePost’s Hacking By Numbers trainers are working penetration testers or developers. What we perform for our clients often makes it into our HBN courses as modules. We love teaching and have been doing so for Black Hat for over a decade now. Our courses are hands on, fun to do and also show real-world scenarios that students will encounter.