“To become the enemy, see yourself as the enemy of the enemy”
Kahepäevane jätkukoolitus Hands-on Hacking Essentials (HOHE) läbinutele. Sedapuhku võtame luubi alla ründaja vaate - püüame aru saada tema tegevustest ja käitumisest, püüame mõelda nii nagu ründaja. Ikka selleks, et suuta vastu seista veebipetturluse karmis maailmas.
Kestus: 24 ak tundi
Sihtrühm: IT- ja infoturbe spetsialistid, süsteemide administraatorid, IT helpdesk töötajad.
Eeldus: Hands-on Hacking Essentials (HOHE) kursuse läbimine
Koolitus toimub inglise keeles
Contents of the training
Hands-on Hacking Advanced (HOHA) is a follow-up to our Hands-on Hacking Essentials (HOHE) training. While HOHE is an eye-opening “shock therapy” training mostly for defenders, HOHA introduces more of the attacker and red teaming perspective. While the training still focuses mostly on the individual skills of participants, we will introduce red team team-working mode towards the end of the training with team servers and beacon servers.
While HOHE was intentionally built around totally freely available tools, HOHA is mostly built around Cobalt Strike (a commercial and red teaming oriented version of Armitage which we use in HOHE). Since Clarified Security team uses Cobalt Strike in red teaming for large-scale cyber exercises, mostly for client-side attacks, this training derives from these practical experiences and makes such training with red teaming twist available for wider audiences.
With HOHA course we build on our (pre-requisite) HOHE training and deliver 2 days of first-hand, pure hacking experience where a large „Network Takeover” scenario takes a center stage and teamworking mode sets in towards the end.
During the 2 day hands-on training experience the participants should build upon HOHE training in understanding of current attacker tool-sets, attack types and methods. By experiencing the attacker mindset and point of view via hands-on exercises the participants not only will use Cobalt Strike and other tools from a red team member perspective and should understand what it takes in terms of individual skills to be a read team member with a taste of team-working as well.
Technical requirements for the training
Good Internet connection - at least 10Mbps download speed via a network cable (RJ45 connector) for connecting the classroom to the training server in Tallinn via our VPN device. VPN device just needs to get an IP address via DHCP and have outgoing IPSEC traffic enabled to our training environment IP addresses. The participants will be using only VNC and SSH clients to connect to BackTrack virtual machines in the training environment via this VPN connection, thus only good download speed is essential. All Internet access and network intensive activity and takes place within the training server.
Participants' computers - any computer or laptop with any Operating System will do, as long as VNC and SSH clients are installed. The customer is expected to provide the LAN (switch + cables + power jacks) that can be connected to our VPN device that supplies IP addresses via DHCP. In case of laptops, we can provide our own WiFi Access Point for creating a LAN. Minimum 1024x768 monitor resolution is recommended.
Toimumise koht: Lõõtsa 8, 8. korrus (või tellija juures grupitellimuse puhul)
Koolitaja: Heliand Dema holds a B.Sc. degree in Computer Science from University of Indianapolis and a M.Sc. degree in Cyber Security from Tallinn University of Technology. He wrote his masters thesis about APT (Advanced Persistent Threat) along with a virtualized training scenario. His areas of expertise are OS, Networking, Client Side Attacks, Social Engineering, Red Teaming. Besides being the Red team Client Side leader for Locked Shields Cyber Exercise organized by NATO Cooperative Cyber Defence Centre of Excellence, Heliand has also played a remarkable role in developing scenarios for the exercise and is a co-developer and trainer for our HOHE course.