Masterclass: Windows Infrastructure Pen-testing with Mike Jankowski-Lorek, Ph.D.

Open Virtual Class – Super Intensive Remote Training with Labs!
November 23rd – 25th, 2020 (9:00am – 4:00pm CEST Monday to Wednesday)

Register now

OPEN VIRTUAL CLASS

This is an international Open Virtual Class, which means you will share the learning experience in a group of IT pros from around the world! The class is taught in English by Dr. Mike Jankowski-Lorek, who is one of the core CQURE’s Cybersecurity Experts, and also CQURE’s Director of Consulting! Please Remember that this course is limited to 12 participants total to ensure the highest quality and unique learning experience! During this course you will have an opportunity to interact with the instructor and get Mike’s help with any problems you might encounter, just as if it was a regular class.

About the course:
You will enjoy it! The course teaches strategy and advanced techniques for performing internal infrastructure penetration testing in highly secure Windows infrastructure. Our course has been developed around professional penetration testing and security awareness in the business and IT fields. To make sure that all participants gain the necessary infrastructure security concepts and knowledge, our classes have an intensive hands-on labs format.

We have gathered knowledge from top worldwide known experts and combined their skills to prepare unique content allowing you to prepare for performing penetration testing or red team exercise for your organization.

Target audience:
Pen-testers, red teamers, Windows network administrators, security professionals, systems engineers, IT professionals, security consultants and other people responsible for implementing infrastructure security.

Materials:
Author’s unique tools, over 100 pages of exercises and presentations slides with notes.

Every exercise is supported with lab instructions and multiple tools, both traditional and specialized. CQURE trainers recommend students have some knowledge of security concepts, such as operating system services and architecture. However, all required concepts will be covered throughout the course.

Platform and Technical Requirements:
To participate in the course you need a Stable internet connection. For best learning experience we also need you to have a webcam, headphones and a microphone. Open RDP port 3391 for the connection to the Lab environment is needed as well. We will setup a secure Zoom classroom for every day of the course – we will send you a safe link to join the conference by e-mail.

Certification:
After finishing the course, you will be granted a CQURE Certificate of Completion. Please note that after completing the course you will also be eligible to claim CPE points!

COURSE SYLLABUS

Module 1

Module 1: Evolution of Hacking

  • a) Evolution of vulnerabilities
  • b) Persistent Threats
  • c) Malware evolution

Module 2

Module 2: Operating System Services Security Overview

  • a) Services Security
  • b) Active Directory Security

Module 3

Module 3: Operating System Internal Security

  • a) Permissions and Privileges
  • b) Password Security
  • c) Offline Attacks
  • d) Pass-The-Hash Attacks with custom CQURE Tools
  • e) DPAPI Attacks with custom CQURE Tools
  • f) Cached Logons Attacks with custom CQURE Tools
  • g) Exploiting a lack of access controls

Module 4

Module 4: Databases Security

  • a) SQL Server Service
  • b) Authentication Modes
  • c) Stored Procedures

Module 5

Module 5: Reconnaissance and Target Profiling

  • a) Network Scanning
  • b) Man-in-the-middle Attacks

Module 6

Module 6: Tampering with Communication (Wired and Wireless)

  • a) Wireless Protocols Security
  • b) NetBIOS Spoofing
  • c) ISMB Security

Module 7

Module 7: Malicious Files Execution

  • a) Anti-antimalware techniques
  • b) Non-exe Malware

Module 8

Module 8: Google Hacking

  • a) Open Source Intelligence
  • b) Possible Targets
  • c) Building Advanced Queries

Module 9

Module 9: HTTP Request Building

  • a) Cross Site Scripting
  • b) Injection Attacks
  • c) Information Leakage and Error Handling

Module 10

Module 10: Legal Issues

  • a) Paperwork
  • b) Reporting
  • c) Responsibility
Register now

Click here to browse the modules:

YOUR TEACHER

Mike Jankowski-Lorek, Ph.d.

Cybersecurity Expert, CQURE's Director of Consulting

Mike Jankowski-Lorek is a solution architect, developer, data scientist and security expert with more than 12-years’ experience in the field. He designs and implements solutions for Databases, Network & Management area, mainly for Microsoft platform for medium to enterprise level organizations. Mike holds multiple certifications, especially security, database and software development related. He is one of core Experts at CQURE and holds a PhD in Computer Science.

×