> > > AIH Detailed outline

Advanced Infrastructure Hacking (AIH)

Course Description Schedule Course Outline

Detailed Course Outline

Day 1

Hacking Networks, Databases

“Lets begin – we start to warm up, get our minds into that of a hacker, scan, enumerate, crack passwords and exploit databases.”

  • 1.1 TCP/IP & Network Enumeration
  • 1.2 Port scanning
  • 1.3 TCP/UDP scanning
  • 1.4 Windows/Linux enumeration
  • 1.5 The Art of brute-forcing
  • 1.6 Insecure SNMP Configuration
  • 1.7 Database Exploitation (Oracle, Postgres, Mysql)
  • 1.8 Hacking Application servers (Websphere)
  • 1.9 Exploiting SSL vulnerabilities such as heartbleed
  • 1.10 Exploiting remote systems via Shellshock
  • 1.11 Exploiting Java and PHP serialization bugs
Day 2

Advanced Windows Hacking

“Turning our attention to Windows, we examine local and remote exploits, privilege escalation and hack Windows credentials.”

  • 2.1 Windows Vulnerabilities
  • 2.2 Mastering Metasploit
  • 2.3 Latest remote exploits
  • 2.4 Pivoting within internal network
  • 2.5 Local privilege escalation
  • 2.6 Custom payloads
  • 2.7 Post-exploitation
Day 3

Hacking Windows Domains

“We continue working on Windows on day 3 and dive into various ways to perform remove exploits including focusing on compromising the Domain Controllers.”

  • 3.1 Compromising Windows Domain
  • 3.2 Pass the hash
  • 3.3 Pass the ticket
  • 3.4 Breaking Kerberos
  • 3.5 Third party exploits (browser, java, pdf)
Day 4

Advanced Linux Hacking

“We dive into Unix vulnerabilities, both local and remote exploits, using permissions and services to our advantage.”

  • 4.1 Linux Vulnerabilities
  • 4.2 Finger
  • 4.3 Rservices
  • 4.4 NFS Hacks
  • 4.5 SSH hacks
  • 4.6 X11 vulnerabilities
  • 4.7 Local Privilege escalation
  • 4.8 Kernel exploits
  • 4.9 Weak file permissions
  • 4.10 SUID/SGID scripts
  • 4.12 Inetd services
Day 5

Hacking VLANs, VoIP, Switches & Routers

“Ever thought that VPNs, VoIP and VLANs are secure? We examine how such services are compromised and step out of the box.”

  • 5.1 VLAN Hopping
  • 5.2 Hacking VoIP
  • 5.3 Exploiting insecure VPN configuration
  • 5.4 Switch/Router vulnerabilities