About the course
Security auditing is becoming more difficult every year. Until recently, almost any server or website could be compromised using basic knowledge. Nowadays, most companies have several protection mechanisms and solutions in place that make compromise much more difficult.
The role of reconnaissance has become central to the penetration testing process. The more information you collect before actively interacting with a network, the more likely you are to successfully compromise your target.
Thorough reconnaissance can provide all the information required to gain access to the network, even without exploiting any vulnerabilities.
The course teaches how to conduct thorough reconnaissance and how to apply its results.
We also look at the difference between offensive and defensive approaches to security when considering infrastructure. In our experience, blue teams struggle to protect their networks from intruders because they do not understand how hackers think. We strive to fill this gap.
Key topics covered:
- Reconnaissance approaches
- Importance of reconnaissance and its role in the attack chain
- Cyber kill-chain and MITRE ATT&CK models from the point of view of attackers
- Penetration testing process
- DNS enumeration
- SSL enumeration
- Domain and subdomain discovery
- Network discovery
- Asset discovery
- Virtual host enumeration
- Services discovery
- Fuzzing
- Cloud enumeration
- Custom wordlists compilation
Skills acquired:
- Understand the penetration testing process
- Understand approaches used by attackers and how attackers operate
- Conduct full-fledged reconnaissance
- Use reconnaissance results to ensure faster and easier exploitation
- Compile custom wordlists
- Assess infrastructure using an offensive approach to protect it against various threats
Target participants:
- IS professionals transitioning into penetration testing
- System/network administrators/engineers
- SOC/CERT/CSIRT employees
- Technical specialists with experience in IS
- Information security professionals
- Penetration testing enthusiasts
Requirements:
- Basic ability to use the Linux terminal/command line
- Basic understanding of the following terms:
  * domain/subdomain
  * IPv4/IPv6/CIDR/ASN
  * whois
  * SSL certificate
  * NS records
  * DNS server
  * Git/SVN
Course program
Day 1
The first day starts with a discussion of how crucial reconnaissance is and its role in the modern attack chain. Next, we explore reconnaissance visualization for observing the attack surface.
After this, we look at a high-level diagram of reconnaissance and give an overview of techniques. Important techniques are discussed along with core tools. To reinforce the knowledge gained, participants repeat the demonstrated process manually.
The first day concludes with a discussion about key processes that organizations should implement to protect themselves.
Day 2
On day two, we continue with the topic of discovery and enumeration. This time we focus on network discovery. We also cover asset discovery, cloud enumeration, and fuzzing.
Day 3
On day three, participants are divided into teams and compete against each other in attacking simulated infrastructure.

