Penetration Testing & Network Exploitation Labs

Introduces students to host target analysis on Windows systems. Topics include basic through intermediate Windows Command Line skills, PowerShell cmdlets and the PowerShell attack framework called PowerPreter.

• Using DOS: Students will learn a variety of DOS command line commands to navigate the system, identify users, identify network configuration, search, modify & manipulate files as well as scripting in DOS.
• Using PowerShell: Students will receive an overview of PowerShell commands.
• Leveraging PowerShell: Students will learn how to use Windows Management Instrumentation to manage both host and remote systems as well as using PowerPreter to steal password hashes and perform port scans.

Introduces student to basic scanning and exploitation of systems on internal networks that replicate a real-world penetration test. Students learn how to map, discover and exploit web applications, which requires the tester to understand how they communicate and the role the server plays in the relationship. Students learn how to conduct reconnaissance against a web server, followed by mapping its architecture and challenged with discovering vulnerabilities and misconfigurations for follow-on exploitation.

• Scanning LAN Segment: Students use Nmap and Metasploit to identify all of the hosts on the network.
• Verifying Scan Data through Banner Grabbing: Students use netcat to validate the host OS and find open ports on a target host.
• Target Host Enumeration: Students use Metasploit to identify open ports on a target host.
• Exploiting Linux Hosts: Students use Metasploit to execute exploit code on a remote Linux host.
• Web Application Mapping, Discovery and Exploitation with BurpSuite & Nikto: Students use BurpSuite and Nikto to intercept web traffic, scan webservers behind firewalls and inject a PHP attack.
• Windows Restricted Desktop Escape & Exploitation: Students will break into a Windows 7 desktop computer using standard windows tools.

Students learn how to simulate an insider threat and escape restricted environments by abusing native services and functionality. Students then move to routed attacks against clients that have NAT devices, firewalls and DMZs deployed. They learn how to exploit a variety of web-facing services and gain access to the DMZ. Once in the DMZ they are asked to pillage the hosts and find additional information to assist in pivoting deeper into the network and into network segments that don’t touch the web directly.

• Scan Web Facing Target IP: Students will use the Metasploit console to scan for live hosts using nmap to identify firewalls, webservers and vulnerabilities.
• Web Application Scanning: Students will use nitko to scan and enumerate webserver applications.
• Web Application Spidering with BurpSuite: Students will use Burpsuite as an intercept proxy to penetrate web applications.
• SSH Exploitation: Students will learn how to establish a route from outside on the Internet with an attack host to a live internal victim computer and establish a compromised DMZ host to an internal LAN segment.
• Scan & Exploit Internal Segment: Students will learn how to extend their access from the internal LAN segment to the rest of the network and perform scans of the larger network.
• Covering Tracks: Students learn how to modify audit logs to cover their tracks.
• Final Challenges: Students are asked to demonstrate their skills by performing the techniques they learned on a new scenario.