Course Overview
During this 5-day course in 35 hours of super intensive training you will gain crucial cybersecurity knowledge and skills in terms of Windows Infrastructure Advanced Penetration Testing. Moreover, you will be able to:
- Get the highest quality and unique learning experience – the class is limited to 10 participants by default.
- Get the opportunity to interact with our world-renowned Experts.
- Go through CQURE’s custom lab exercises and practice them after the course.
- Receive a lifelong certification after completing the course!
Who should attend
Security architects, Active Directory administrators, security administrators, security auditors, and other people responsible for implementing secure identity. To attend this training, attendees should have a good hands-on experience with Active Directory Domain Services (AD DS) administration.
Prerequisites
To participate in the course you need a stable internet connection. For best learning experience we also need you to have a webcam, headphones and a microphone. Open RDP port 3391 for the connection to the lab environment is needed as well. We will setup a secure Zoom classroom for every day of the course – we will send you a safe link to join the conference by e-mail.
Course Objectives
This is an international Live Virtual Class where you will be able to share the learning experience with a group of IT pros from around the world without leaving your home or office! The class is taught fully remotely in English by CQURE Cybersecurity Experts. In order to ensure the highest quality and unique learning experience, the course is limited to 12 participants by default, or supported by an assistant instructor if the number of delegates exceeds 12. During this course, you will have the opportunity to go through CQURE’s custom lab exercises, interact with our world-renowned Expert and receive a lifelong certification after completing the course!
Course Content
Module 1: Introduction to Windows Infrastructure Penetration Testing
- What is Penetration Testing?
- Cyber Kill Chain
- MITRE ATT&CK Matrix
- Testing methodologies
- Reporting
Module 2: Infrastructure Penetration Testing
- Modern company, systems and solutions
- Determining attack scope
- Discovering services
- Attacking services
- Vulnerable default configurations
Module 3: Windows Oriented Environment Enumeration
- Reconnaissance Techniques Specific to Windows
- Understanding Windows network architecture
- Enumerating Windows domains and workstations
- Identifying roles of different machines (Domain Controllers, File Servers, etc.)
- Utilizing Nmap for Windows-specific scans
- Accessing sensitive data
- Discovering live systems, open ports, and services with NetBIOS, SMB, and PowerShell
Module 4: Exploitation of Windows Service Vulnerabilities
- Review of Common Windows Security Configurations and Flaws
- Understanding and exploiting NTLM
- Understanding and exploiting Kerberos
- Manipulating SMB, RDP, and other protocols for control and data exfiltration
- Relaying and coercing attacks
- Most effective lateral movement techniques
Module 5: Post-Exploitation and Pivoting
- Post-Exploitation: Credential Dumping
- Introduction to PowerShell for Penetration Testing
- Advanced PowerShell scripting for custom exploits
- Advanced data exfiltration techniques
- Log tampering and event log management
Module 6: Microsoft enterprise services
- Exploiting PKI
- Exploiting MSSQL Severs
- Exploiting IIS
- Exploiting ADFS
Module 7: Azure and EntralD pivoting
- Cloud enumeration
- On-prem to cloud pivoting
- Cloud to on-premises pivoting
Module 8: Monitoring and Prevention Techniques
- Effective Windows environment monitoring
- Attack detection through IoA nad IoC
- Advanced Windows hardening
- Effective security frameworks implementation
English