Class Abstract: In this 1 day class we will study more advanced penetration testing techniques, picking up where Penetration Testing with Metasploit left off. In the absence of low hanging fruit such as default passwords, vulnerable network service, and misconfigurations, how can we break into the environment? We will cover more advanced exploitation techniques such as client side attacks and social engineering. We will study techniques for bypassing anti-virus, firewalls, and intrusion detection systems with our attacks. This class will also cover post exploitation in depth. We will cover topics such as persistence, local privilege escalation, getting Windows domain administrative privileges, local information gathering, and using Powershell. This class will use the Metasploit framework as well as other tools as well as manual techniques.
When: TBA
Where: Online! The class will be held using GoToMeeting. There is a free client download for Windows and Mac. Like most useful things it isn’t supported on Linux unfortunately. You will able to see me, hear me, and see my screen as I demonstrate the hands-on material.