PÃ¥ dette kursus vil deltagerne tilegne sig viden ved at simulere et hackerangreb og evaluere sikkerheden for systemerne og netvÃ¦rksinfrastrukturen set fra et internt trusselsperspektiv. Kurset vil vÃ¦re baseret pÃ¥ praktiske testcases, da et interessant labmiljÃ¸ af sÃ¥rbare virtuelle maskiner, vÃ¦rktÃ¸jer og teknikker vil blive sat til rÃ¥dighed for deltagerne for pÃ¥ den mÃ¥de at fÃ¥ en fuld hands-on oplevelse. Dette sikrer en grundig forstÃ¥else af de teoretiske begreber og giver samtidig deltageren hands-on erfaring.
- Learn how to attack a corporate infrastructure.
- Understand and try some of the best attacks of last year, pass-the-hash and cypto vulnerabilities and rediscover how efficient old but good attacks like MitM and spoofing attacks work.
- Understand why your first idea of protection does work and see the benefit of defence in depth.
- Apply the methodology and techniques used by hackers to evaluate the security posture of the systems and exploit the weakest links.
- Understand the different methods that intruders use to gain unauthorized access to systems and learn how to prevent them. The course will cover all the phases of a typical penetration test, following the methodology of:
- Reconnaissance and information gathering
- Footprinting and scanning
- Vulnerability assessment
- Post-exploitation Capture the flag (CTF)
This session represents the culmination of the training course, where the students will apply the skills mastered in the course in a full-day, hands-on workshop. The students will conduct an actual penetration test of a sample target environment. FortConsult will provide the scope and rules of engagement, and the students will work in teams to achieve the goal of finding out whether the target organization/application is at risk. The course will focus on attacking a Windows environment from the inside. Also we will shortly cover network devices and Linux.