Cyber Security & ANTI-HACKING WorkshopHACKICInnovator ClassIC-HACK8.2<p>The aim of the course is to impart technical and organizational knowledge in the field of IT security so that participants can make sensible decisions in their daily work to improve IT security efficiently and sustainably. Numerous practical exercises will enable you to recognize and ward off attacks or to close or reduce existing security gaps.</p><ul>
<li>Experience with the operation and administration of IT systems</li><li>Basic IT security knowledge</li></ul><p>This beginner's course is aimed at IT security officers, IT administrators (client, server, network), programmers, IT engineers and Security Operation Center (SOC) operators as well as anyone who wants to view security risks from the perspective of the attacker and thus develop solution scenarios.</p><ul>
<li>Basics of cyber security</li><li>Current trends</li><li>Initial infection</li><li>Infrastructure security</li><li>Linux attacks</li><li>Windows attacks</li><li>Post-exploitation</li><li>Active Directory</li><li>Post Exploitation</li><li>Defense in Depth</li><li>Ransomware</li><li>Ask me Anything</li><li>Web Security</li><li>Denial of Service</li><li>Network Security</li></ul><h5>Cybersecurity basics</h5><ul>
<li>What is hacking?</li><li>What is IT security?</li><li>Attackers, motivation and tactics</li><li>General definitions and metrics</li><li>Attack techniques and tactics according to Mitre Att&ck</li></ul><h5>Current trends</h5><ul>
<li>Current metrics</li><li>Proven attack techniques</li><li>Cybersecurity trends and current threat situation</li></ul><h5>Initial infection</h5><ul>
<li>Types of social engineering</li><li>Password-based attacks</li><li>Advantages and disadvantages of password policies</li><li>Phishing and bypassing MFA / 2FA</li><li>M365 attacks</li><li>Adversary-in-the-browser attack</li><li>Browser-in-the-browser attack</li><li>Recognizing and preventing phishing</li><li>Email-based attacks</li><li>Browser-based attacks</li><li>Attacks with peripheral devices</li><li>Exploit vs. social engineering</li><li>Physical attacks</li></ul><h5>Infrastructure security</h5><ul>
<li>Introduction of the attack chain</li><li>Enumeration and footprinting</li><li>Discovery and port scanning</li><li>Off-line cracking</li><li>Reverse and bind shells</li><li>Evaluation of vulnerabilities</li><li>Command injections, webshells and SSRF</li><li>Introduction to Metasploit</li></ul><h5>Linux Security</h5><ul>
<li>Linux basics</li><li>Linux Exploitation</li><li>Lateral movement and pivoting</li><li>Privilege Escalation</li><li>Post-exploitation</li><li>Case Studies</li></ul><h5>Windows Security</h5><ul>
<li>Windows basics</li><li>Windows Credential System</li><li>NG Firewall Invasion</li><li>Pivoting</li><li>Memory Corruptions</li><li>Exploit Mitigations</li><li>Meterpreter advanced</li><li>Keylogging</li><li>Client-Side Exploitation</li><li>Sysinternals Suite</li><li>Library hijacking</li></ul><h5>Active Directory Security</h5><ul>
<li>Active Directory basics</li><li>Coercion attacks</li><li>Passing on the hash (PTH)</li><li>Passing on the ticket (PTT)</li><li>Golden tickets, silver tickets</li><li>Impersonation</li><li>Kerberoasting</li><li>Over-pass the Hash / Pass the Key</li><li>Skeleton key</li><li>Machine account quota</li><li>AdminSDHolder</li><li>Enterprise access model</li><li>Privileged Access Workstations</li></ul><h5>Evasion</h5><ul>
<li>Native Malware, Powershell Malware, .NET Malware</li><li>A/V evasion</li><li>Exfiltration and C+C</li></ul><h5>Post-exploitation</h5><ul>
<li>Native and meterpreter commands for post-exploitation</li><li>Living-off-the-land attacks</li><li>Fileless malware</li><li>Lateral Movemenent (RDP, WMI, WinRM, DCOM RPC)</li></ul><h5>Defense in Depth</h5><ul>
<li>Windows hardening</li><li>Active Directory Hardening</li><li>The Kill Chain</li><li>Network defense</li><li>Basics of ISMS</li><li>Advanced network defense</li><li>Threat modeling and protecting crown jewels</li><li>Setting up and operating security operation centers</li><li>Incident response policies</li><li>Threat intelligence</li></ul><h5>Ransomware defense</h5><ul>
<li>Backup strategy</li><li>RPO and RTO</li><li>Recovery strategy</li><li>Ransomware protection</li><li>To pay or not to pay?</li><li>Decryption considerations</li><li>Tools</li></ul><h5>Web security</h5><ul>
<li>Introduction to web applications, services and http</li><li>OWASP TOP 10</li><li>Dealing with browser developer tools</li><li>Web vulnerabilities on the server side (SSRF, command injections, deserialization, SQLi, file inclusion)</li><li>Browser-supported web vulnerabilities (XSS, XSRF, etc)</li><li>Vulnerabilities in web services</li></ul><h5>Ask me Anything with trainer</h5><ul>
<li>Open question and answer session</li><li>Discussion of current projects</li><li>Deepening</li></ul><h5>Network security</h5><ul>
<li>Introduction to Wireshark and Scapy</li><li>Different types of MiTM attacks</li><li>Sniffing and injection</li><li>Switching security</li><li>Microsegementation</li><li>Wifi security main threats</li><li>Attacks on TCP/IP stack</li><li>TCP, UDP, IPv4/ IPv6 threats</li><li>Network access control</li></ul><h5>Secure communication</h5><ul>
<li>Encryption basics</li><li>Different cryptosuites</li><li>Public key infrastructures</li><li>Crypto-Hardening</li><li>Practical use of cryptography</li><li>Introduction to TLS/SSL</li><li>TLS/SSL attacks and defense</li><li>Hard disk encryption</li></ul><h5>Denial of service</h5><ul>
<li>Types of denial of service</li><li>Motives of the attackers</li><li>Memory corruption DoS</li><li>Focus on volume-based DDoS</li><li>Defense against denial of service</li><li>Incident response for DoS</li></ul><h4>Case studies and exercises</h4><h5>Basics</h5><ul>
<li>Setting up a phishing page</li><li>DNS reconnaissance</li><li>Port scanning</li><li>Exchange-Exploitation</li></ul><h5>Linux</h5><ul>
<li>Exploitation of a Linux server</li><li>Post-exploitation of the Linux server</li><li>Linux lateral movement</li><li>Heartbleed</li></ul><h5>Windows</h5><ul>
<li>Pivot to Windows</li><li>Lateral movement in Active Directory - Coercion attack</li><li>Kerberoasting</li><li>Post-Exploitation</li></ul><h5>Web</h5><ul>
<li>Web bruteforcing</li><li>XSS vulnerability</li><li>SQL Injection</li><li>Exploitation Wordpress RCE</li></ul><h5>Networking</h5><ul>
<li>Scapy basics</li><li>Analysis of MiTM attacks</li><li>Wireshark basics</li><li>VoIP interception of WebRTC traffic</li><li>TLS stripping with HSTS bypass</li></ul><h5>Demos</h5><ul>
<li>Attack on Keepass</li><li>Windows DLL hijacking</li><li>Examples from Virustotal and Any.run</li><li>Backdoor with MSFvenom</li><li>Targeted breaking of an A/V signature</li></ul>The aim of the course is to impart technical and organizational knowledge in the field of IT security so that participants can make sensible decisions in their daily work to improve IT security efficiently and sustainably. Numerous practical exercises will enable you to recognize and ward off attacks or to close or reduce existing security gaps.- Experience with the operation and administration of IT systems
- Basic IT security knowledgeThis beginner's course is aimed at IT security officers, IT administrators (client, server, network), programmers, IT engineers and Security Operation Center (SOC) operators as well as anyone who wants to view security risks from the perspective of the attacker and thus develop solution scenarios.- Basics of cyber security
- Current trends
- Initial infection
- Infrastructure security
- Linux attacks
- Windows attacks
- Post-exploitation
- Active Directory
- Post Exploitation
- Defense in Depth
- Ransomware
- Ask me Anything
- Web Security
- Denial of Service
- Network SecurityCybersecurity basics
- What is hacking?
- What is IT security?
- Attackers, motivation and tactics
- General definitions and metrics
- Attack techniques and tactics according to Mitre Att&ck
Current trends
- Current metrics
- Proven attack techniques
- Cybersecurity trends and current threat situation
Initial infection
- Types of social engineering
- Password-based attacks
- Advantages and disadvantages of password policies
- Phishing and bypassing MFA / 2FA
- M365 attacks
- Adversary-in-the-browser attack
- Browser-in-the-browser attack
- Recognizing and preventing phishing
- Email-based attacks
- Browser-based attacks
- Attacks with peripheral devices
- Exploit vs. social engineering
- Physical attacks
Infrastructure security
- Introduction of the attack chain
- Enumeration and footprinting
- Discovery and port scanning
- Off-line cracking
- Reverse and bind shells
- Evaluation of vulnerabilities
- Command injections, webshells and SSRF
- Introduction to Metasploit
Linux Security
- Linux basics
- Linux Exploitation
- Lateral movement and pivoting
- Privilege Escalation
- Post-exploitation
- Case Studies
Windows Security
- Windows basics
- Windows Credential System
- NG Firewall Invasion
- Pivoting
- Memory Corruptions
- Exploit Mitigations
- Meterpreter advanced
- Keylogging
- Client-Side Exploitation
- Sysinternals Suite
- Library hijacking
Active Directory Security
- Active Directory basics
- Coercion attacks
- Passing on the hash (PTH)
- Passing on the ticket (PTT)
- Golden tickets, silver tickets
- Impersonation
- Kerberoasting
- Over-pass the Hash / Pass the Key
- Skeleton key
- Machine account quota
- AdminSDHolder
- Enterprise access model
- Privileged Access Workstations
Evasion
- Native Malware, Powershell Malware, .NET Malware
- A/V evasion
- Exfiltration and C+C
Post-exploitation
- Native and meterpreter commands for post-exploitation
- Living-off-the-land attacks
- Fileless malware
- Lateral Movemenent (RDP, WMI, WinRM, DCOM RPC)
Defense in Depth
- Windows hardening
- Active Directory Hardening
- The Kill Chain
- Network defense
- Basics of ISMS
- Advanced network defense
- Threat modeling and protecting crown jewels
- Setting up and operating security operation centers
- Incident response policies
- Threat intelligence
Ransomware defense
- Backup strategy
- RPO and RTO
- Recovery strategy
- Ransomware protection
- To pay or not to pay?
- Decryption considerations
- Tools
Web security
- Introduction to web applications, services and http
- OWASP TOP 10
- Dealing with browser developer tools
- Web vulnerabilities on the server side (SSRF, command injections, deserialization, SQLi, file inclusion)
- Browser-supported web vulnerabilities (XSS, XSRF, etc)
- Vulnerabilities in web services
Ask me Anything with trainer
- Open question and answer session
- Discussion of current projects
- Deepening
Network security
- Introduction to Wireshark and Scapy
- Different types of MiTM attacks
- Sniffing and injection
- Switching security
- Microsegementation
- Wifi security main threats
- Attacks on TCP/IP stack
- TCP, UDP, IPv4/ IPv6 threats
- Network access control
Secure communication
- Encryption basics
- Different cryptosuites
- Public key infrastructures
- Crypto-Hardening
- Practical use of cryptography
- Introduction to TLS/SSL
- TLS/SSL attacks and defense
- Hard disk encryption
Denial of service
- Types of denial of service
- Motives of the attackers
- Memory corruption DoS
- Focus on volume-based DDoS
- Defense against denial of service
- Incident response for DoS
Case studies and exercises
Basics
- Setting up a phishing page
- DNS reconnaissance
- Port scanning
- Exchange-Exploitation
Linux
- Exploitation of a Linux server
- Post-exploitation of the Linux server
- Linux lateral movement
- Heartbleed
Windows
- Pivot to Windows
- Lateral movement in Active Directory - Coercion attack
- Kerberoasting
- Post-Exploitation
Web
- Web bruteforcing
- XSS vulnerability
- SQL Injection
- Exploitation Wordpress RCE
Networking
- Scapy basics
- Analysis of MiTM attacks
- Wireshark basics
- VoIP interception of WebRTC traffic
- TLS stripping with HSTS bypass
Demos
- Attack on Keepass
- Windows DLL hijacking
- Examples from Virustotal and Any.run
- Backdoor with MSFvenom
- Targeted breaking of an A/V signature4 days3490.003490.003490.008990.002990.003490.003490.00