Advanced Penetration Testing (APT):
Pentesting High Security Environments
Our friends at LearnSecurityOnline have put together a pretty cool new course that goes way beyond the basics of ethical hacking. This will be an instructor-led course taught by Joe McCray himself in Greenbelt, Maryland from May 17th - 21st 2010. For those of you that don't know Joe, he not only owns LSO but also performs pen tests for a living. He has spoken at numerous conferences and is a respected professional. You can also get to know him better with the upcoming interview on EH-Net by Jason Haddix.
There are 2 options, course only or all-inclusive (with flight, hotel and breakfast). There are plans to have several more of these highly hands-on courses in several locations around the globe.
View the short description below, but if you decide to go, please let LSO know that you heard about it from us, EH-Net. Or you could simply use the 2 links below:
Advanced Penetration Testing (APT): Pentesting High Security Environments course is a five-day intensive that focuses attacking and defending highly secured environments such as 3-letter agencies, DoD, financial organizations, federal organizations, and large companies.
This is NOT your normal Ethical Hacking course. You won't be attacking unpatched Windows 2000 Servers, and you won't be learning a bunch of outdated tools like most Ethical Hacking courses.
In APT, you will be learning how to attack new operating systems such as Windows Vista, Windows 7, Windows Server 2008, and the latest Linux servers. All of these servers will be patched, and hardened. Both Network and Host-based Intrusion Detection/Preventions systems (IDS/IPS) will be in place as well. The learning curve is high, but the rewards are astronomical.
The course starts with attacking heavily protected environments from the outside and dealing with things like Load Balancing, Deep Packet Inspection, and Network-Based IDS/IPS. Next is attacking web applications and dealing with common application security measures in PHP/ASP.NET, and Web Application Firewalls.
Then the course moves on to attacking from the LAN, dealing with NAC solutions, locked down workstations/GPOs, and Host-Based IDS/IPS. Then finally the last section of the course covers gaining control of Active Directory.
Pentesting High Security Environments is NOT a death by powerpoint course. Over 80% of class is hands-on hacking labs.
Students that are Network/System Administrators with three or more years experience working in environments such as financial institutions, DoD networks, or similar high security environments will benefit greatly from this course. It is however primarily designed for Network/Web Application Penetration testers that are looking for the little tips and tricks that will help them better attack high security environments.
For more info, please see the course outline:
http://www.trainace.com/courses/apt/Forgive the repeated request, but please let LSO know that you heard about this from EH-Net by either using the specific purchase links above or by telling them personally.Thanks and let us know what you think of the course,
Don
Networking : certificationkits
Hadnagy : [Article]-An Insider`s Look at the Social-Engineer.Org SE CtF at DEFCON
Editor-In-Chief : Free Webcast: Don't Pick the Lock, Steal the Key - PW Auditing with Metasploit
Links to cool sites. : Ninja-Sec Challenge You !
Tools : Nmap 6 Released
