penetration testing extreme v2 launch · 2020. 6. 24. · testing the most hands-on ... tactical...
TRANSCRIPT
Penetration Testing eXtreme v2 Launch
Penetration Testing eXtreme v2 Launch
Mobile Application Security and Penetration Testing
The most hands-on Mobile Penetration testing course on the market
Threat Hunter / Threat hunting team Skills
Bougioukas Dimitrios
- Director, IT Security Training Services @ eLearnSecurity
- Author & IT Security Research Lead @ eLearnSecurity
- Expert on EU CERT/CSIRT Technical Training (Incident
Response, Tactical Analytics, SOC 3.0 & SOAR) @ ENISA
Interests:
- Cyber Program Management / Transformation
- Advanced Adversary Simulation & Dark Ops
- Tactical & Strategic Threat Intel
- Purple Team Tactics
whoami
❑
❑
❑
Mobile Application Security and Penetration Testing
The most hands-on Mobile Penetration testing course on the market
Threat Hunter / Threat hunting team Skills
Maximizing the chances of securing and infosec position (PTXv2 & Job proficiency )
Penetration Testing Fundamentals
Red-teaming/Adversary Simulation
(a.k.a Advanced Network Pentesting)
The 4 stages of becoming a complete network penetration tester
Infra & Web App Penetration Testing
Stage 1
Stage 2
Stage 3
Stage 4
Computer Science Basics
Mobile Application Security and Penetration Testing
The most hands-on Mobile Penetration testing course on the market
Threat Hunter / Threat hunting team Skills
Maximizing the chances of securing and infosec position (PTXv2 & Job proficiency )
Penetration Testing Fundamentals
PTS course
Red-teaming/Adversary Simulation (a.k.a Advanced
Network Pentesting)
PTX course
Infra & Web App Penetration Testing
PTP/WAPT courses
Stage 1
Stage 2
Stage 3
Stage 4
Computer Science Basics
❑ Red-team Manager / Lead❑ Advanced Penetration Testers / Red Team
Member❑ Senior Cyber Operators or Analysts}
❑ Penetration Testers❑ Cyber Operators or Analysts❑ IT Sec Personnel}
Comprehensive Training &
Hands-on Practice
Defe
nse M
atu
rity
Level
The 4 stages of becoming a complete network penetration tester
Mobile Application Security and Penetration Testing
The most hands-on Mobile Penetration testing course on the market
Threat Hunter / Threat hunting team Skills
1
1
0
1
0
0
1
1
0
1
1
1
0
1
0
1
0
1
1
0
1
1
1
0
0
1
1
1
0
1
0
1
0
1
0
1
1
0
1
1
0
1
0
0
0
1
0
1
1
0
1
0
0
0
0
1
0
1
0
0
1
0
0
0
1
0
0
1
0
1
1
0
0
1
0
0
0
1
0
0
0
0
1
0
0
1
0
0
0
0
1
0
0
1
1
1
0
1
0
1
1
1
0
0
0
0
1
1
1
1
1
1
0
1
1
0
0
1
0
1
0
1
1
1
0
0
0
1
1
0
0
1
1
0
1
1
0
0
0
1
1
1
0
1
0
0
1
1
0
1
0
0
1
1
0
1
1
1
0
1
0
1
0
1
1
0
1
1
1
0
0
1
0
0
1
0
0
0
0
1
0
0
0
0
0
1
1. Additional & Updated Material
o Nearly double the number of slides (from ~1.3k
to ~2.1k slides)
o Introduce and cover the latest in C# and .NET
tradecraft
o Additional in-depth coverage of all AD attacks
and the associated toolkits
o Addresses all student weak points that have been
spotted over the last three years
2. Red-teaming Active Directory Labs
o Three (3) fully-featured and dedicated Active Directory labs (~280 lab manual PDF pages)
o 100+ hands-on red teaming challenges spread across 11+ attack scenarios
o Heterogeneous networks (Linux domain-joined machines included)
o Gaining initial foothold or spreading the compromise through vulnerable perimeters (web apps)
o Manual penetration testing using a Windows box against a hardened network
o Infra that can be reused for your own experiments
3 . Multiple Collaborators = Multiple
Attack Perspectives
4. Evasion & Custom Payloads
o Custom loaders/stagers/implants
o Payload encryption
o .NET assembly obfuscation and injection
o Shellcode injection
o PPID spoofing
o Re-weaponizing AMSI bypasses
o Unloading Sysmon
o Disarming ETW
o Userland API unhooking and much more
Congratulations!
LAUNCH OFFER EXAMPLE
AND ANOTHER THING
CISO UnderrepresentedTuesday June 30, 2020 @ 1:00 PM EDT
https://www.ethicalhacker.net/eh-net-tv/eh-net-live/webinar-ciso-underrepresented/
USA – Italy – Beyond…
THANK YOU!