Infrastructure Pentesting: Hackers Perspective or Notes from the Field

by CQURE Experts Paula Januszkiewicz and Artur Wojtkowski

The CyberBytes are virtual trainings developed to provide practical skills required of cybersecurity professionals. Take the CyberByte from world-class cybersecurity pros and stand up to the pace of fast-changing cybersecurity landscape.





After investing in cybersecurity to protect their systems and data from the possibility of a cyberattack, many companies want to make sure their security countermeasures are effective by conducting a penetration test.

But who can they trust to evaluate the effectiveness of security countermeasures? Considering the oft-quoted statistic that around 80% of all cyberattacks are the result of human error, it’s not surprising many people believe that the success of a penetration test lies largely in the skill and experience of the testers.

Now, you have the opportunity to prove that you have the skills and experience they need when you complete our advanced cybersecurity training: “Infrastructure Pentesting: Hackers Perspective or Notes From the Field.”

This advanced training, which requires a foundational understanding of Powercat and Inveigh tools, is a recorded training extracted from our AWSC 2020 edition. In less than three hours, this training based on real-world scenarios will equip you with the skills and know-how to conduct effective pentest and vulnerability management.

We highly recommend this advanced training to penetration testers and any cybersecurity expert eager to develop their skill set and advance their career.

How is this training different?

Short and Intense

Time is precious, that’s why we squeezed the best from the topic into a format designed to feed you with knowledge in short time. Effective solution designed to maximize learning.

Level: Advanced

Going deep and straight to the advanced stuff. Brace yourself as our pace is quite intense. Expect a bit of steam coming out of your ears as we’ll be covering: pentesting methodology, DNS, OSINT framework, Shellcode examples, masking techniques, Service enumeration, Spoofing and MITM examples and much more!

Hands-on Training

The training is extensively hands-on as it has been designed by passionate practitioners and obsessive researchers from CQURE Team.

World-Class Experts

We’re bringing you Paula Januszkiewicz and Artur Wojtkowski as your teachers.

Training Formula

Intense Deep-dive

New format for busy professionals that enables you to skill up in a specific area quickly.

Action Packed

You’ll learn about pentesting methodology, DNS, OSINT framework, Shellcode examples, masking techniques, Service enumeration, Spoofing and MITM examples and much more!

Lifetime Access

You’ll get an unlimited access to all the materials.

Extra Materials

We’ve prepared slides and video recording for students to keep.

Real-World Scenarios Demos Included

Get real-world experience from a hackers perspective! Get a demonstration of real infrastructure attacks through 7 types of penetration testing methodology and the 4 levels of vulnerability management.

Discount for Other Courses

By joining the training, you’ll automatically receive a 10% discount for any on-demand online course of your choice by CQURE Academy  to keep the learning momentum going for you. Spend it wisely!

Training Syllabus

Module 1

Infrastructure Pentesting: Hackers Perspective or Notes from the Field


This training will teach you how real IT infrastructure attacks are performed nowadays. We will explain the tools and methods used by attackers and how social engineering is used to make employees perform activities that are dangerous to the company’s IT infrastructure. This training is based on real world scenarios.


Topics covered:

  1. Pentesting methodology
  2. DNS
  3. OSINT framework
  4. Shellcode examples
  5. Masking techniques
  6. Service enumeration
  7. Password attacks
  8. Spoofing / MITM examples
  9. Example persistency methods

Please note that this training is one of the modules of the Advanced Windows Security Course 2019. And it is recommended for cybersecurity specialists and requires a foundational understanding of Powercat and Inveigh tools.

Your teacher

Paula Januszkiewicz


Paula is a Microsoft Security Trusted Advisor, IT Security Auditor and Penetration Tester.

On top of that, she’s an Enterprise Security MVP and trainer (MCT). She shares her expertise on Windows Security through online writing and speaking at conferences (she already checked off TechEd North America, TechEd Europe, TechEd Middle East, RSA, TechDays, CyberCrime — to name but a few). She proudly holds the role of the Security Architect in IDesign and manages her own company CQURE.

Artur Wojtkowski


Artur Wojtkowski is CQURE’s Expert with over 13 years of experience gained in many industries, mainly in the telecommunication, banking and insurance sector. He has excellent skills in the area of infrastructure, web and mobile application penetration testing.

During his career, his tasks also included: performing social engineering tests, security code review, performance testing, security management in telecommunication companies, ISO 27001 implementation, administration of SIEM and PKI systems. Member of (ISC)2 and (ISC)2 Poland.

Holder of the certificates: OSCP, OSCE, CISSP.

Who Is It For

Intermediate to Advanced
Windows Security Professionals

If you want to level up in a specific area fast, this training is for you. We promise to challenge your ways of thinking and executing.

Cybersecurity Specialists

You are cybersecurity specialists with understanding of Powercat and Inveigh tools.

Brave Newbies

If you are a newbie bear in mind that the training WILL NOT cover the basics — so it might be a bit challenging for you. The cool thing is that you will be granted lifetime access to the materials so you can learn the topic in your own pace whenever you want.


  • Access to almost 3-hour recorded practical lesson including demo of real
    infrastructure attacks
  • Training materials to download
  • The virtual training covers: pentesting methodology, DNS, OSINT framework, Shellcode examples, masking techniques, service enumeration, password attacks, Spoofing / MITM examples, persistency methods and more.
  • One year of access to video recording and training materials for you to keep and get back to whenever needed.

Infrastructure Pentesting: Hackers Perspective or Notes from the Field