Hacking in Practice 1 – Three-day training

Come and explore the mysterious world of hacking and its many nooks and corners. Sharing his knowledge with you on this exciting journey will be the co-founder of TandemSec and ethical hacker with many years of experience, Lukáš Antal.

You will learn

What is the easiest way to hack a bank? Is everything that looks like an ordinary USB drive really just a harmless USB drive? What is the easiest way to hack a password? Can you fake a caller ID? How do you map a network and pick your target? How do you quietly compromise a Windows station and gradually escalate your privileges all the way up to the level of the domain administrator - the overlord of the Windows network? Can you break through WEP, WPA, WPA2, or even WPA3? Are Enterprise Wi-Fi networks more secure than the ones we have at home? How do you hack a Wi-Fi network using nothing but your phone?

All these and many other questions will be answered during the Hacking in Practice 1 course.

Designed for

  • Network and system admins
  • Programmers, developers, testers
  • Ethical hacking and IT Security enthusiasts in general

Pre-requisite knowledge

  • Windows and Linux systems at the user level
  • Elementary knowledge of TCP/IP

Curriculum

The curriculum of this course is built around many years of experience as an ethical hacker and covers a variety of topics from different areas of computer security. The emphasis of this course is on sharing knowledge of real-life penetration testing, attacks, and their analysis.

  • Social Engineering
  • Social Engineering via USB drives (baiting)
  • USB RubberDucky – real attacks demonstration
  • BadUSB, USB Ninja, USB Killer – Offensive USB devices
  • Psychological manipulation for malware execution
  • Macroviruses and their uses in the present
  • DDE (Dynamic Data Exchange)
  • MS Office vulnerability exploitation
  • Fake Windows shortcuts, Self-Extraction Archives
  • Demonstration of creating useable Trojan horse malware
  • VirusTotal and its alternatives
  • Phishing, Spearphishing
  • Vishing, Faking Caller ID with SMS and calling
  • Social Engineering via telephone – audio of real attacks
  • HW Keyloggers and Videologgers, the easy way to passwords
  • LAN Turtle and Bash Bunny
  • How to defend
  • Hacking Windows and Active Directory
  • Passwords in Windows
  • LM/NTLM hashes - Cracking and Pass the Hash
  • Hashcat – usage, demonstration, password analysis
  • LSA secrets – Password extraction
  • Cached Credentials – Domain password hashes extraction
  • LSASS – Plaintext passwords extraction
  • Mimikatz, WCE
  • Active Directory security
  • LLMNR, NBNS, mDNS Poisoning
  • SMB Relay
  • Kerberos security
  • Kerberoasting
  • Silver & Golden Ticket Attack
  • Methods of compromising domain admins
  • Demonstrations from the ethical hacking practice
  • Methods of defense
  • Hacking WiFi networks
  • Different wireless technologies
  • Hacking WiFi with a shared password
  • WEP - Packet Injection
  • WEP - Korek Chop Chop
  • WEP - Fragmentation Attack
  • WEP - Cafe Latte Attack
  • WPA - Beck-Tews Attack
  • WPA/WPA2 - Handshake Capture
  • WPA/WPA2 - KRACK
  • WPA3 - Dragonfly handshake vulnerabilities
  • WiFi Protected Setup (WPS)
  • Tools comparison
  • Rogue AP and its detection
  • Visitor WiFi with Captive Portal Hacking
  • WPA Enterprise hacking - PEAP (Domain account)
  • WPA Enterprise hacking - EAP-TLS (Certificates)
  • WPA Enterprise hacking - LEAP (Cisco)
  • Nethunter (Kali Linux for mobile phones)
  • WiFi Denial of Service
  • Router and Access Point hacking
  • WiFi PineApple
