Real Network Penetration Testing
An enterprise network pentest simulation brought to you by Real Hax.
Date: April 13 & 14 2023
On-Site (In Person)
Welcome to this intensive two-day network penetration testing course. This hands-on training will provide you with an in-depth understanding of the four phases of a network penetration test and equip you with the skills and knowledge needed to successfully execute a professional-grade engagement. See the abstract video here https://vimeo.com/789154564
Day 1 (You’re gonna need a bigger boat)
On day one, you will begin by attacking a pre-configured virtual network environment modeled after a modern enterprise. This environment consists of workstations and servers running various Linux and Windows operating systems. You will utilize your newly acquired skills to identify and enumerate network services, uncover and attack exploitable weaknesses, and perform privilege escalation techniques on both Windows and Linux systems. Once compromised, targets will reveal access to Newley available systems which you will penetrate to further your foothold within the enterprise environment.
Day 2 (I know kung fu)
Day two will focus on setting up a Command and Control (c2) infrastructure, deploying phone-home agents on multiple targets, and uncovering a path to Domain/Network-level admin on the target enterprise environment. You will also learn how to create a professional-grade report, that includes the eight components of a solid pentest deliverable.
By the end of this training, you will have a comprehensive understanding of the challenges professional penetration testers face and the tactics, techniques, and procedures (TTPs) needed to overcome them. You will leave feeling empowered and well-equipped to tackle even the toughest of engagements.
Who Should Attend
This course is designed for anyone who wants to learn how a motivated and skilled attacker can take complete control of an enterprise's IT infrastructure.
What You Need
To participate, you will need a modern laptop with solid a WiFi adapter, as well as comfort and competency using Windows/Linux command line interfaces.
Every student will have their own dedicated lab environment hosted in “the cloud”, which can be accessed through RDP over the Internet (It’s not as scary as it sounds #YOLO).
Royce Davis, Principal Red Team Engineer
Seasoned consultant, team leader, and Information Security expert with a decade of professional experience. Authored and presented industry-recognized tools, techniques and methodologies to large audiences at top-tier security venues across the country.
Specializing in opportunistic network-level penetration testing, red team engagements, and web application ethical hacking. Single-handedly orchestrated hundreds of penetration tests helping to secure many of the largest companies in the world while also obtaining certifications from Offensive Security and the SANS institute. Co-founder of Pentestgeek.com and author of The Art of Network Penetration Testing