Robert Houck - Threat Methodologies - $2325 ($2175 early registration)
Trainer bio:
Robert Houck is a Computer Scientist with vast technical experience in various subjects including AWS cloud, machine learning pipelines, system testing, standards verification, penetration testing, risk assessment, cyber security, and sensor fusion. He is an Intelligence Professional with over 16 years of technical experience including SIGINT analysis, target development, counter-terrorism, advanced technologies, collection management, customer relations, and report writing. Tested and effective leader in high stress environments. Approaches problem solving through fact-based decisions.
Trainer social media links:
@DeloitteUS on Twitter
#deloitte on Twitter
Full description of the training:
Deloitte’s Threat Methodology is a two (2)-day course which provides participants with an understanding of how an attacker approaches the exploitation process. Participants learn to research a target, create a plan of attack, utilize different tools and techniques commonly used by adversaries, and execute their plan to gain access to a remote network. Once on the network, participants learn the techniques adversaries use to hide from detection and gain access to multiple different private networks. Participants also learn how to weaponize a vulnerability and use an exploit to gain access to a network.
The Threat Methodology course provides participants with a baseline understanding of the tactics, techniques, and procedures an attacker uses to gain access to a network. These concepts are then expanded through labs and lectures to provide a deeper understanding of the methodology to participants from diverse backgrounds gain deeper understanding into how an attacker operates and moves in an environment and what network traffic is generated by such actions. A capstone event leverages the tactics, techniques, and procedures learned throughout the course to provide participants with a scenario where they gain access to a network and exfiltrate confidential company information.
*Students will receive 6 months of access to our virtual lab environment.
Short description of what the student will know how to do, after completing the class:
Threat Methodology is a 2-day course focusing on adversary approaches to the exploitation process. Participants will learn how to research a target, develop a plan of attack, and execute their plan to gain access to a remote network. The Threat Methodology course provides participants with a baseline understanding of the tactics, techniques, and procedures an attacker uses to gain access to a network. These concepts are then expanded through labs and lectures to provide a deeper understanding of the methodology to participants from diverse backgrounds gain deeper understanding into how an attacker operates and moves in an environment and what network traffic is generated by such actions.
*Students will receive 6 months of access to our virtual lab environment.
Outline of the class:
Adversary Attack Methodology
Review a common methodology attackers use to gain access to systems
Identify footprinting techniques
Identify active scanning techniques
Identify detailed network and host discovery methods
Use network visualization techniques to identify potential vulnerabilities
Identify techniques used to gain network access
Identify techniques used to gain elevated access to resources
Identify goals once access is gained
Adversary Attack Methodology: Footprinting
Identify the methodology and theory behind Open-Source Intelligence (OSINT) footprinting
Identify and use open-source tools used to perform OSINT footprinting
Harvest files and email addresses
Review Google hacking (Google dorking) basics
Develop a target profile
DNS queries
Maltego
Shodan
Footprinting (Hands-on Exercise)
Adversary Attack Methodology: Network Mapping
Identify the purpose of creating a network map
Use tools to create network maps
Network mapping (Hands-on Exercise)
Adversary Attack Methodology: Scanning
Use tools to identify systems on a network
Examine network traffic to discover systems
Adversary Attack Methodology: Enumeration
Use tools to identify open ports and services running on a system
Use tools to identify potential vulnerabilities
Nmap scripts
Exploit-db
Searchsploit
Fuzzing
Scanning (Hands-on Exercise)
Adversary Attack Methodology: Gaining Access
Identify the two primary categories of exploits
Identify the components of a remote exploit
Demonstrate the ability to gain access to a system using a remote exploit
Demonstrate the ability to generate custom resources to gain access to a system
Identify and demonstrate brute forcing and password cracking concepts
Identify social engineering and its different categories
Identify and demonstrate gaining access to a system using a user masquerade
Gaining Access – brute forcing credentials Scanning (Hands-on Exercise)
Adversary Attack Methodology: Gaining access – Metasploit Framework
Describe the advantages of using Metasploit
Use the search functionality to identify potential exploits
Identify Metasploit folder structure and content
Contrast shell, Meterpreter sessions
Discuss advantages and disadvantages of the reverse and bind payloads
Configure and use a multi/handler
Craft a payload using msfvenom
Investigate the functionality of Metasploit exploits, auxiliary, post, and server modules
Identify the concepts behind privilege escalation using local exploits and target profiling
Adversary Attack Methodology: Privilege Escalation
Privilege escalation considerations
Local privilege escalation
Misconfiguration
Shadow file
Windows
Unix
Privilege escalation (Hands-on Exercise)
Adversary Attack Methodology: Post Exploitation
Identify common techniques employed after exploitation
Identify and implement techniques to hide data on a target system
Identify and implement persistence on a target system
Identify DLL purpose and common attack techniques
Post exploitation (Hands-on Exercise)
Technical difficulty of the class (Beginner, Intermediate, Advanced):
Beginner-Intermediate
Suggested prerequisites for the class:
There are no prerequisites for this class.
Items students will need to provide:
Participants will need to bring their own device with a modern web browser / keyboard.
DATE: August 12th-13th, 2024
TIME: 8am to 5pm PDT
VENUE: Sahara Las Vegas
TRAINER: Robert Houck
- 16 hours of training with a certificate of completion.
- 2 coffee breaks are provided per day
- Note: Food is not included
Registration terms and conditions:
Trainings are refundable before July 1st, the processing fee is $250.
Trainings are non-refundable after July 10th, 2024.
Training tickets may be transferred. Please email us for specifics.
Failure to attend the Training without prior written notification, will be considered a No-Show. No refund will be given.
By purchasing this ticket you agree to abide by the DCT Code of Conduct and the registration terms and conditions listed above.