On This Page

Black Ops Hacking - Master level

SensePost | August 4-5 & August 6-7



Overview

Criminal markets have grown at an alarming rate. From financial fraud classes on offer in Brazil, to Russian botnet masters renting out expertise and infrastructure for those wishing to start a career in cybercrime, the tactics, techniques and procedures used by attackers today go beyond simply getting lucky with SQLi.

Our Master course is about leveraging the best techniques from both penetration testers and the underground to truly weaponize attendees. Blue team members will gain insight into the most sophisticated techniques currently being used. With extensive attack scenarios in exploiting all areas of the OSI layer, including 8th (the human) layer.

Each student will be provided with their own, private lab environment. The lab consists of a live target network, but unlike other training, you aren't connected to the LAN with all the targets a single hop away, this is an external engagement. The hands-on exercises will see you gaining a foothold through multiple techniques, including phishing. You will have to manually escalate privileges and exploit trust relationships. Lateral movement techniques will be used to pivot through a real-world network with egress restrictions. Once the entire network has been compromised, you will have the chance to deploying ransomware across the target organization and experience firsthand the effects of such a compromise.

What's new for 2018?

New techniques to obtain a foothold including phishing and the abuse of Microsoft Exchange Services. Expanded pivoting and lateral movement techniques, reaching deeper into a more restricted network. The inclusion of several new persistent access techniques for those red team engagements. Advanced usage of penetration testing tools such as Powershell Empire and Metasploit for complete control in sticky situations. DNS based data exfiltration and Command & Control techniques. Hands-on deployment of ransomware across the lab environment.

Who Should Take this Course

Black Ops Hacking is designed for experienced penetration testers, network administrators, red/blue teams, security professionals, and IT security enthusiasts who have a need to acquaint themselves with real-world offensive tactics, techniques and tools.

Student Requirements

Students need to ensure they have the necessary level of skill. Extensive hacking experience is not required for this course, but a solid technical grounding is an absolute must.

What Students Should Bring

Students should bring a laptop that is capable of running two VMWare images at the same time, we suggest at least 8Gb of Ram. For networking we will make use of the standard BlackHat classroom WiFi.

What Students Will Be Provided With

We have developed a training portal that will be made available to all students before they attend Black Hat. This portal allows you to register an account and gain access to the slides used and any prerequisite information we feel would help you get the best out of this course. All content for the course, including tools required and instructions to configure your environment, will be made available via the training portal before you start, which means less time setting up and more time for learning.

Access to this portal will not stop once the course has finished, allowing you to continue learning in the weeks/months after Black Hat.

Trainers

SensePost has been training at Black Hat since 2001. We pride ourselves on ensuring our content, our training environment and trainers are all epic in every way possible. From working penetration testers, responsible for numerous tools, talks and 0day releases. We have years of experience building environments tailored for learning, training is at the core of what we do.