Hack1/Hack2: Hacking Workshop

Computer abuse and cybercrime pose a threat to IT networks every day. They mostly happen very unobtrusively and are not noticed until damage has occurred. They therefore represent a serious threat. In order to enable companies to better protect their IT environment against dangers of this kind, we have developed the Hack1 and Hack2 workshops. During these workshops, we will examine the topic of IT security from the perspective of a perpetrator or a hacker. This can then help the workshop participants to better protect networks in their own area of responsibility. Although both parts can be attended independently of one another, workshop 2 builds on workshop 1.

Workshop 1

Topics

Information sources

  • Identification of accessible systems, Search for indications of potential attack targets

Standard security tools and their use

  • Port scanner, Sniffer

Machine-in-the-middle (MitM) attacks

  • Especially in local networks, machine-in-the-middle attacks can be used to read encrypted traffic or listen to VoIP telephone calls. Attack scenarios will be implemented and protection mechanisms will be discussed during the workshop.

Password security under Linux and Windows, and in Windows networks

  • Using different cracking techniques, we will estimate the security offered by a password policy.

Exploitation of security gaps

  • Procedure adopted by an attacker to exploit vulnerabilities (use of exploits, trojanization of the target system)

Duration

Two days

Workshop 2

Topics

Metasploit Framework

  • Introduction to and handling of different modules

Security in Windows networks

  • Escalation of user privileges on Windows systems as well as in the Windows network and even the rights of a domain administrator
  • Understanding of typical procedures such as pass-the-hash
  • Extraction of plaintext passwords and takeover of user sessions

Vulnerability scanners

  • Functionality, configuration and handling of a security scanner

Tunneling

  • Use of harmless protocols for hidden transmission of data
  • Redirection of network traffic through compromised systems to bypass firewalls or obtain remote access

Duration

Two days

DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de | OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99

As a framework contract customer please dial the provided on-call service number

DO NOT HESITATE TO GET IN TOUCH +49 (0)7071 - 40 78 56-0 or anfrage@syss.de

OUTSIDE REGULAR OFFICE Hours CALL +49 (0)7071 - 40 78 56-99

As a framework contract customer please dial the provided on-call service number

GET IN TOUCH

+49 (0)7071 - 40 78 56-0 or anfrage@syss.de

OUTSIDE REGULAR OFFICE Hours

+49 (0)7071 - 40 78 56-99

As a framework contract customer please dial the provided on-call service number