DeepSec 2018 Training: Advanced Infrastructure Hacking – Anant Shrivastava
Whether you are penetration testing, Red Teaming or trying to get a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques is critical. This course covers a wide variety of neat, new and ridiculous techniques to compromise modern Operating Systems and networking devices.
We asked Anant a few more questions about his training.
Please tell us the top 5 facts about your training.
- Constantly evolving course: Every year each iteration has something new added to it. (Minimum 25%, maximum 50% of the course gets an upgrade every year).
- Developed by Practitioners: The course is developed by regular pentesters deriving challenges from real life pen-testing scenarios. All of our trainers are full time pentesters and part time trainers.
- Covers a whole breadth of infrastructure: From IPv4/v6 to databases, to OSINT, Windows, Linux, and Cloud platforms; from understanding OS to restricted shell breakout AppLocker, and rbash, to name a few. We also cover active directory attacks and delegations extensively. And there is still more to it than that: We also cover specialised topics like Container breakout, docker and kubernetes, VLAN, VOIP, VPN, and cloud pen-testing, AWS, GCP, and Azure.
- Free 1 Month Lab Access: We believe that practice makes things easier to remember. That is why every participant gets free access to our Hacklab for one month even after the class is over.
- Focus on Techniques and not just tools: We don’t just ask you to type commands in metasploit and be done with it. In fact during our entire class we use metasploit for not more than 6-7 exercises (15-20% of the time). Our major focus is on understanding the technique and how it can be applied in environments.
How did you come up with it? Was there something like an initial spark that set your mind on creating this course?
Our Advanced Infrastructure Hacking Training was developed out of the need for a course which covers a wide range of techniques for pentesters. As much as specialization is required the field also needs generalized skills in all areas. This course tries to fill that gap by giving people a wide range of skills.
Why do you think this is an important topic?
Infrastructure is the core of Information Technology. It will change its shape and form but will remain the core of this field. Hence training on the nitty-gritties of it will always be required.
Is there something you want everybody to know – some good advice for our readers maybe?
Penetration testing is an extremely broad, varied and complex practice, with so many potential avenues that will need to be explored in any given environment. Whether you are an experienced pentester, just starting out, moving roles, only dabbling, a developer looking to understand vulnerabilities better, or any combination of the above or others, you will know, or very quickly realise, two truths:
First, learning techniques might be relevant to specific scenarios, but developing technique is essential to becoming a good pentester.
And second, from this day until the day you’ll retire, you must never stop learning.
At the heart of every concept of all of our courses lies the goal of understanding more – not just the steps to exploit given vulnerabilities, but the processes behind them. We have tried to take all this and build the course around this concept. Hence, if you match any of the traits described above this would be a most suitably course for you.
A prediction for the future – what do you think will be the next innovations or future downfalls when it comes to your field of expertise / the topic of your training in particular?
Infrastructure is already witnessing a major trend towards cloud. Most of what’s used to be servers are now cloud services, with more and more responsibilities handled by cloud service providers. This increases the security landscape but also the risks, cause most of the background will remain opaque to tenants and hence mistakes can lead to devastating effects. Not just data, but also money can be directly affected. As for what the future holds, we see a major uptick in cloud adoption leading to all sorts of insecure configurations left wide open on the internet and a more stringent need for professionals with an understanding of Information security. Advanced Infrastructure Hacking is our attempt to bridge that gap.
==============
Course Outline
==============
Note: This is a fast paced version of the original 4 day class, cut down to 2 days. To fit the entire training material within 2 days, some of the exercises have been replaced by demos which will be shown by the instructor. Students will receive FREE 1 month lab access to practice each exercise after the class.
While prior pentest experience is not a strict requirement, familiarity with both Linux and Windows command line syntax will be greatly beneficial. The following is the syllabus for the class:
Day 1:
* IPv4/IPv6 Basics
* Host Discovery & Enumeration
* OSINT & Asset Discovery
* Hacking Application and CI Servers
* Oracle Database Exploitation
* Windows Vulnerabilities and Configuration Issues
* Windows Desktop ‘Breakout’ and AppLocker Bypass Techniques
* A/V & AMSI Bypass Techniques
* Offensive PowerShell Tools and Techniques
* Local Privilege Escalation
* Post Exploitation Tips, Tools and Methodology
* An Introduction into Active Directory Delegation
* Pivoting, Port Forwarding and Lateral Movement Techniques
Day 2:
* Linux Vulnerabilities and Configuration Issues
* User/Service Enumeration
* File Share Hacks
* SSH Hacks
* Restricted Shells Breakouts
* Breaking Hardened Webservers
* Local Privilege Escalation
* MongoDB, TTY, Reverse tunneling
* Post Exploitation
* VLAN Hopping
* Docker breakout
* Kubernetes vulnerabilities
* Hacking VoIP
* Exploiting Insecure VPN Configurations
Anant Shrivastava is an information security professional with 9+ years of corporate experience and expertise in Network, Mobile, Application and Linux Security. He is the Regional Director for the Asia Pacific Area for NotSoSecure Global Services and has trained about 600 delegates at various conferences (Blackhat all 3 editions, Nullcon, g0s, c0c0n, ruxcon). Anant also leads the Open Source project Android Tamer and CodeVigilant. His work can be found at anantshri.info