0345 4506120

Cyber Arsenal for Red Teams

This course aims to teach that no threat is quite as impactful as physical access! Both experienced pentester and average defender alike will take both new tools and valuable insight away with them. A hands-on practical one day couse where you will learn by doing, building your tools and platform that you will take away with you. Practice in our safe environment against targets in a lab designed to support your development.

The course arms pentesters with the tools necessary to progress your assesment through physical access. We will equip you with the tools needed to perform various Human Interface Device (HID) attacks, Password hash capture from locked machines, SSL HSTS defeat, HTTP cache poisening and even Tempest intercept! You will also be given the chance to test your newly built attack and experement with your own attacks against targets in our safe environment.

This course also gives users, Security managers and Risk managers keen insight to how physical attacks are performed. What the impact is and how to mitigate and protect against them.

This course is designed for IT professionals and technical managers who want to understand physical attacks and how best to address them. The course will also be of benefit to IT systems analysts, designers and software developers.

  Reset

Learning Objectives

Delegates will learn how to:

  •   How to evaluate, reduce, monitor and secure the physical attack surface (PAS)
  •   Prepare, plan and conduct physical attack surface attacks
  •   About human interface device attacks (HID), practical generation and deploying payloads
  •   Insights surrounding common network attacks, Inc. wired, wireless and USB
  •   Understand and carry out common pen test tooling and automation techniques
  •   Create, build and deploy a network attack platform (to take away with you post course)
  •   Post exploitation tasks and instrumentation - practical cracking
  •   Discover the secrets of Tempest attacks, overcoming range limitations and build a Tempest VM Lab

Pre-Requisites

There are no specific pre-requisites for this course. However a general understanding of development practices and a broad understanding of current threats would be desired. There are group exercises, and instructor led ‘hands-on’ labs within each module of this course. Delegates can observe the instructor demonstrations or engage fully with each hands-on lab, subject to experience.

The intended audience for this course is primarily Project Managers, Business Analysts, Junior Developers and Designers. Plus anyone with an interest in building and maintaining secure systems lifecycle.

Note: This course is not designed for the experienced software developer and does not cover hands-on coding.

Course Content

Physical attacks

  •   What are physical attacks?
  •   Evaluating the physical attack surface
  •   Reducing the physical attack surface
  •   Monitoring the physical attack surface
  •   Securing the physical attack surface

Human Interface Device attacks (HID)

  • What are HID attacks, Why attack a HID?
  •   Equipment needed
  •   Payload Generation
  •   Payload Delivery
  •   Wireless HID Demo
  •   Live Demo
  •   Build HID Workshop
  •   Deploy HID Workshop

Network Interface attacks

  •   What are network attacks
  •   Ethernet, WiFi, USB
  •   Why Network attacks?
  •   Tool installation and automation
  •   Build network attack platform (NAP) workshop
  •   Deploying a netwok attack platform
  •   Post exploitation - cracking
  •   Pass The Hash and Kerberos Golden Ticket

Tempest intercept

  •   What is Tempest?
  •   Range
  •   Building Tempest VM Workshop
  •   Deploying Tempest
  •   Overcoming range limitations workshop

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the requested service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.

 

Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Our Customers Include