Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
Hacking Classes
75%75% Hands-on Learning in
Our Modern Hack Lab Updated Regularly to Include
Trending TechniquesWritten by BlackHat
Trainers: Available Globally
notsosecure.com
notsosecure.com@NotSoSecure Global Services Limited, 2018 All Rights Reserved
NotSoSecure Global Services Limited (Company Registration 09600047, VAT Registration 215919989) | Trading As NotSoSecure
Head Office: CB1 Business Centre, Twenty Station Road, Cambridge, CB1 2JD, UK Registered Office: Office 75 Springfield Road, Chelmsford, Essex, CM2 6JB, UK
[email protected] Tel: +44 1223 653193
THE ART OF HACKING
THE ART OF HACKING .........................................................................................................................PAGE 2
INFRASTRUCTURE HACKING ..............................................................................................................PAGE 4
WEB HACKING ......................................................................................................................................PAGE 6
OTHER SPECIALIST CLASSES
ADVANCED INFRASTRUCTURE HACKING .........................................................................................PAGE 8
ADVANCED WEB HACKING ............................................................................................................... PAGE 10
APPSEC FOR DEVELOPERS .............................................................................................................. PAGE 12
= +
Hacking Classes
INFRASTRUCTURE HACKING3 DAYS
WEB HACKING2 DAYS ADVANCED
INFRASTRUCTURE HACKING5 DAYS
INTERMEDIATEBEGINNER EXPERT
5 DAYSTHE ART OF HACKING
ADVANCED WEB HACKINGBLACK BELT EDITION
5 DAYS
Becoming an information security expert
2 3
nots
osec
ure.
com
Master the Art of Hacking by building your hands-on skills in a sophisticated hack-lab with material that is delivered on the world conference stage; certified, accredited, continually updated and available globally
The ideal introductory/intermediate training that brings together both infrastructure hacking and web
hacking into a 5-day “Art of Hacking” class designed to teach the fundamentals of what pen testing is
all about. This hands-on training was written to address the market need around the world for a real
hands-on, practical and hack-lab experience that focuses on what is really needed when conducting
a penetration test. Whilst a variety of tools are used, they are the key tools that should be in any
penetration tester’s kit bag. This, when combined with a sharp focus on methodology will give you what
is necessary to start or formalise your testing career.
5 DAY CLASS FOUNDATION TRACK
The Art of Hacking
One of the best classes I’ve taken in a long time. The content was on point and kept me engaged. I am new to Cyber Security after 25 years in App Development and I’m very pleased with what I have learned
Delegate, Black Hat USA
Written & continually developed by leading
Black Hat trainers
Key tools that build a must have pen tester kit
Updated regularly to include trending techniques
This class teaches the attendees a wealth of hacking techniques to compromise the security
of various operating systems, networking devices and web application components. The class
starts from the very basic, and builds up to the level where attendees can not only use the tools
and techniques to hack various components involved in infrastructure and web hacking, but
also walk away with a solid understanding of the concepts on which these tools are based. The
class comprises of 3 days of infrastructure hacking and 2 days of web hacking.
THE ART OF HACKING CLASS CONTENT
DAY 1Infrastructure basics• TCP/IP basics• The art of port scanning• Target enumeration• Brute-forcing• Metasploit basics• Password cracking
DAY 2Hacking Unix, databases and applications• Hacking recent Unix
vulnerabilities• Hacking databases• Hacking application servers• Hacking third party
applications (WordPress, Joomla, Drupal)
DAY 3Hacking Windows• Windows enumeration• Hacking recent Windows
vulnerabilities.• Hacking third party software
(Browser, PDF, Java)• Post exploitation: dumping
secrets• Hacking Windows domains
DAY 4Information gathering, profiling and cross-site scripting• Understanding HTTP protocol• Identifying the attack surface• Username enumeration• Information sisclosure• Issues with SSL/TLS• Cross-site scripting• Cross-site request forgery
DAY 5Injection, Flaws, Files and Hacks• SQL injection• XXE attacks• OS code injection• Local/remote file include• Cryptographic weakness• Business logic flaws• Insecure file uploads
INFRASTRUCTURE HACKING
WEB HACKING
WHO SHOULD TAKE THIS CLASS?System Administrators, Web Developers, SOC Analysts, Penetration Testers, Network Engineers, Security enthusiasts and anyone who wants to take their skills to the next level.
4 5
nots
osec
ure.
com
Introduction into infrastructure testing
Gain practical experience with tools that will last you well into the future
Learn core infrastructure techniques
Leave with the basis to take your testing knowledge forward into more advanced infrastructure topics
This is an entry-level infrastructure security and testing class and is a pre-requisite for our Advanced
Infrastructure Hacking class. This class familiarises the attendees with the basics of network hacking. A
number of tools and techniques will be taught during this 3-day class, If you would like to step into the
world of ethical hacking / pen testing this is the right class for you.
3 DAY CLASS FOUNDATION TRACK
InfrastructureHacking
This class familiarises the attendees with a wealth of hacking tools and techniques. The class
starts from the very basic and gradually builds up to the level where attendees not only use the
tools and techniques to hack various components involved in infrastructure hacking, but also
walk away with a solid understanding of the concepts on which these tools work.
INFRASTRUCTURE HACKING CLASS CONTENT
DAY 1Infrastructure basics• TCP/IP basics• The art of port scanning• Target enumeration• Brute-forcing• Metasploit basics• Password cracking
DAY 2Hacking Unix, databases and applications• Hacking recent Unix
vulnerabilities• Hacking databases• Hacking application servers• Hacking third party
applications (WordPress, Joomla, Drupal)
DAY 3Hacking Windows• Windows enumeration• Hacking recent windows
vulnerabilities.• Hacking third party software
(Browser, PDF, Java)• Post exploitation: dumping
secrets• Hacking windows domains
WHO SHOULD TAKE THIS CLASS?System Administrators, Web Developers, SOC Analysts, Penetration Testers, Network Engineers, Security enthusiasts and anyone who wants to take their skills to the next level.
Very organized and clearly presented. Great having hands-on experience with individuals ready to assist needed
Delegate, Black Hat USA
Infrastructure Hacking is the first part of the Art of Hacking Class.
6 7
nots
osec
ure.
com
Introduction into web application hacking
Practical in focus, teaching how web application security flaws are discovered
Covers leading industry standards and approaches
Builds the foundation to progress your knowledge and move into more advanced web application topics
This is an entry-level web application security testing class and is a pre-requisite for our Advanced
Web Hacking class. This class familiarises the attendees with the basics of web and application
hacking. A number of tools and techniques will be taught during the 2 day class. If you would like to
step into the world of ethical hacking / pen testing with a focus on web applications, then this is the
right class for you.
2 DAY CLASS FOUNDATION TRACK
WebHacking
This class familiarises the attendees with a wealth of tools and techniques needed to breach
the security of web applications. The class starts from the very basic, and gradually builds up to
a level where attendees can not only use the tools and techniques to hack various components
involved in web application hacking, but also walk away with a solid understanding of the
concepts on which these tools are based. The class also covers the industry standards such
as OWASP Top 10, PCI DSS and contains numerous real life examples to help the attendees
understand the true impact of these vulnerabilities.
DAY 1
Information gathering, profiling and cross-site scripting• Understanding HTTP protocol• Identifying the attack surface• Username enumeration• Information disclosure• Issues with SSL/TLS• Cross-site scripting• Cross-site request forgery
DAY 2
Injection, flaws, files and hacks• SQL injection• XXE attacks• OS code injection• Local/remote file include• Cryptographic weakness• Business logic flaws• Insecure file uploads
WEB HACKING CLASS CONTENT
WHO SHOULD TAKE THIS CLASS?System Administrators, Web Developers, SOC Analysts, Penetration Testers, Network Engineers, Security enthusiasts and anyone who wants to take their skills to the next level.
Web Hacking is the second part of the Art of Hacking Class.
8 9
nots
osec
ure.
com
5 DAY CLASS ADVANCED TRACK
Advanced Infrastructure Hacking
Whether you are penetration testing, red teaming, or hoping to gain a better understanding of
managing vulnerabilities in your environment, understanding advanced hacking techniques for
infrastructure devices and systems is critical.
This Advanced Infrastructure Hacking class will get the attendees familiarised with a wealth of
hacking techniques for common operating systems and networking devices. While prior pen
testing experience is not a strict requirement, a prior use of common hacking tools such as
Metasploit is recommended for this class.
This course was exactly as described. It delivered good, solid information on the current state of infrastructure hacking at the rapid pace promised. This was a great way to get back into this area after years away from it.
Delegate, Black Hat USA
CREST CCT EXAM
EXAM PREPERATION
OPTIONAL : PURCHASE EXTRA LAB TIME
ADVANCED INFRASTRUCTURE HACKING
5 DAYS
CCT INF CREST CERTIFIED
INFRASTRUCTURE TESTER
DAY 1IPv4 and IPv6 refresherAdvanced topics in network scanningUnderstanding and exploiting IPv6 targetsOSINT, DVCS exploitationAdvanced OSINT data gatheringExploiting git and continuous integration (CI) servers.Database serversMySQLPostgresOracleRecent vulnerabilitiesHeart-Bleed and Shell-ShockPHP serialization exploitWeb-sphere Java exploits
DAY 2Windows exploitationDomain and user enumerationAppLocker / GPO restriction bypassLocal privilege escalationPost exploitation #1 (AMSI bypass & Mimikatz)Post exploitation #2 (LSASecrets)
DAY 3AD exploitationActive directory delegation issuesWOW64Pivoting and WinRMPersistence (Golden Ticket and DCSync)Lateral movement using WMIC
DAY 4Linux exploitationPort scanning and enumerationFS + SSHPrivilege escalationRservicesApacheX11 services
DAY 5Container breakoutDocker breakoutVPN exploitationVPNVoIP exploitationVoIP enumerationVoIP exploitationVLAN exploitationVLAN conceptsVLAN hopping attacks.
WHO SHOULD TAKE THIS CLASS?The class is ideal for those preparing for CREST CCT (ICE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform penetration testing on infrastructure as a day job and wish to add to their existing skill set.
Latest exploits, highly relevant
Teaching a wide variety of offensive hacking techniques
Written by real pen testers with a world conference reputation (BlackHat, AppSec, OWASP, Defcon etc)
This Advanced Infrastructure Hacking class is designed for those who wish to push their knowledge. The
fast-paced class teaches the audience a wealth of hacking techniques to compromise various operating
systems and networking devices. The class will cover advanced penetration techniques to achieve
exploitation and will familiarise you with hacking of common operating systems, networking devices and
much more. From hacking domain controllers to local root, VLAN hopping to VoIP hacking, we have got
everything covered.
10 11
nots
osec
ure.
com
3 DAY CLASS ADVANCED TRACK
Whoever works with or against the security of modern web applications will enjoy and benefit from this class. This is not a beginner class and attendees are expected to have a good prior understanding of the OWASP top 10 issues to gain maximum value from the class. Further to this, the class does not cover all AppSec topics and focuses only on advanced identification and exploitation techniques of the vulnerabilities shown on the right.
Advanced Web Hacking – Black Belt Edition, is available for private groups. Delivered as on-site training around the world particularly in the UK, EU and USA for numbers up to 16 students. A list of on-site pre-requisites is available upon request.
AUTHENTICATION BYPASS Token Hijacking attacks SQL column truncation attack Logical Bypass / Boundary Conditions
SAML / OAUTH 2.0 / AUTH-0 / JWT ATTACKSJWT Token Brute-Force attacksSAML Authentication and Authorization BypassXXE through SAMLAdvanced XXE Exploitation over OOB channelsPASSWORD RESET ATTACKSCookie SwapHost Header Validation BypassCase study of popular password reset fails.
BREAKING CRYPTOKnown Plaintext Attack (Faulty Password Reset)Path Traversal using Padding OracleHash length extension attacks
BUSINESS LOGIC FLAWS / AUTHORIZATION FLAWSMass AssignmentInvite/Promo Code BypassReplay Attack
SQL INJECTION2nd order injectionOut-of-Band exploitationSQLi through cryptoNoSQL Injection
OS code exec via powershell.Advanced topics in SQli
REMOTE CODE EXECUTION (RCE)Java Serialisation AttackNode.js RCEPHP object injectionRCE through XXE (with blind XXE)RCE through XSLTRails’ Remote Code ExecutionRuby/ERB template injectionExploiting code injection over OOB channel
SERVER SIDE REQUEST FORGERY (SSRF)SSRF to query internal networkSSRF to code exec
UNRESTRICTED FILE UPLOADMalicious File ExtensionsCircumventing File validation checksWeb shells for modern platforms
MISCELLANEOUS TOPICSHTTP Parameter Pollution (HPP)XXE in file parsingA Collection of weird and wonderful XSS and CSRF attacks.
ATTACK CHAININGCombining Client-side and Server-side attacks to steal internal secretsB33r 101
NotSoSecure is pleased to launch their much awaited advanced Web Hacking class. Much like the Advanced Infrastructure Hacking class, this class talks about a wealth of hacking techniques to compromise web applications, APIs and associated end-points. This class focus on specific areas of app-sec and on advanced vulnerability identification and exploitation techniques (especially server side flaws). The class allows attendees to practice some neat, new and ridiculous hacks which affected real life products and have found a mention in real bug-bounty programs. The vulnerabilities selected for the class either typically go undetected by modern scanners or the exploitation techniques are not so well known. Attendees can also benefit from a state-of-art Hacklab and we will be providing 30 days lab access after the class to allow attendees more practice time.
This fast-paced class, gives attendees an insight into Advanced Web Hacking, the team has built a state of the art hacklab and recreated security vulnerabilities based on real life Pen Tests and real bug bounties seen in the wild.
The AWH course has been excellent with 100% positive feedback.
We’ve appreciated ourselves how much work must have gone into the labs, they are very strong and reflect the real world, so we’ve been thrilled.
The trainers are great, very knowledgable and engaging.
Anonymous – April 2018
Advanced Web Hacking
12 13
nots
osec
ure.
com
2 DAY CLASS SPECIALIST TRACK
AppSec for Developers
Covers latest industry standards such as OWASP Top 10
Insight into latest security vulnerabilities (such as mass assignment bug in MVC frameworks)
Thorough guidance on security best practices (like HTTP header such as CSP, HSTS header etc.)
References to real world analogy for each vulnerability
Hands-on labs
Internet distribution of all course materials
Pen Testing as an activity tends to capture security vulnerabilities at the end of the SDLC and is often
too late to be able to influence fundamental changes in the way code is written.
This class was written because of the need for developers to develop code and applications in a
secure manner. It does not need to be more time consuming, but it is critical to introduce security
as a quality component into the development cycle. The class does not target any particular web
development platform, but does target the general insecure coding flaws developers make while
developing applications. The examples used in the class include web development technologies such
as ASP, .NET, JAVA and PHP.
WHO SHOULD TAKE THIS CLASS?This class is Ideal for: Software/Web Developers, PL/SQL Developers, Penetration Testers, Security Auditors, Administrators and DBAs and Security Managers.
A highly-practical class that targets Web Developers, Pen Testers, and anyone else who would
like to learn about writing secure code, or to audit code against security flaws. The class covers
a variety of best security practices and defense in-depth approaches, which developers should
be aware of while developing applications.
Students will be provided access to infrastructure on which they will identify vulnerable code
and associated remediation. While the class covers industry standards such as OWASP Top
10 and SANS top 25 security issues, it also talks about real world issues that don’t find a
mention in these lists. The class does not focus on any particular web development language
/ technology but instead on the core principles. Examples include PHP, .NET, classic ASP and
Java.10 and SANS top 25 security issues.
DAY 1Module 1. Application Security Basics
Module 2. Understanding HTTP protocol
Module 3. Security Misconfigurations
Module 4. Insufficient Logging and Monitoring
Module 5. Authentication Flaws
Module 6. Authorization Bypass
Module 7. Cross Site Scripting (XSS)
DAY 2Module 8. Cross Site Request Forgery (CSRF)
Module 9. SQL Injection
Module 10. XML External Entity (XXE) Attacks
Module 11. Insecure File Uploads
Module 12. Deserialization Vulnerabilities
Module 13. Client Side Security
Module 14. Source Code Review
Founded by world renowned penetration tester Sumit “Sid” Siddarth and well-known cyber security entrepreneur Dan Haagman, NotSoSecure is a specialist firm focused on hacking training and penetration testing. A global Black Hat training provider in US and Europe. We Hack. We Teach. Visit notsosecure.com for more information.