Hack1/Hack2: Hacking Workshop

Computer abuse and cybercrime pose a threat to IT networks every day. They mostly happen very unobtrusively and are not noticed until damage has occurred. They therefore represent a serious threat. In order to enable companies to better protect their IT environment against dangers of this kind, we have developed the Hack1 and Hack2 workshops. During these workshops, we will examine the topic of IT security from the perspective of a perpetrator or a "hacker". This can then help the workshop participants to better protect networks in their own area of responsibility. Although both parts can be attended independently of one another, workshop 2 builds on workshop 1.

Workshop 1


Information sources

  • Identification of accessible systems; Search for indications of potential attack targets

Standard security tools and their use

  • Port scanner, Sniffer

Man-in-the-middle (MitM) attacks

  • Especially in local networks, man-in-the-middle attacks can be used to read encrypted traffic or listen to VoIP telephone calls. Attack scenarios will be implemented and protection mechanisms will be discussed during the workshop.

Password security under Linux and Windows, and in Windows networks

  • Using different cracking techniques, we will estimate the security offered by a password policy.

Security gaps in the network

  • Procedure adopted by an attacker to exploit vulnerabilities in the network (use of exploits, trojanization of the target system)


Two days

Workshop 2


Metasploit Framework

  • Introduction to and handling of different modules

Security in Windows networks

  • Escalation of user privileges to the domain administrator, handling of Windows tokens

Security scanners

  • Functionality, configuration and handling of a security scanner


  • Use of harmless protocols for hidden transmission of data or external remote access


Two days