Red Team Summit CFP now open! Register Here
Shopping Cart

No products in the cart.

Penetration Testing: Beyond the Basics with Tim Medin

Penetration Testing: Beyond the Basics with Tim Medin

Overview

  • Course Length: 16 hours
  • Support from expert instructors
  • Includes a certificate of completion
  • 12 months access to Cyber Range
Penetration Testing Beyond the Basics
Instructor:

Building on the foundational skills learned in the introductory course, this training will take you deeper into the world of penetration testing, equipping you with the skills and knowledge to conduct more complex, real-world engagements.

Want to learn Penetration Testing?

Have you already taken Introduction to Pentesting with John Strand from Antispyhon? This course is meant as a follow on to the class, where we go into even more depth on what it takes to deliver a high-value penetration test. This course begins with tips and tricks for enumerating hosts, then dives into valuable initial access techniques. From there the course teaches how to identify additional targets via situational awareness, and of course, how to pivot to those hosts using practical lateral movement techniques.

Do you have to take John’s class? No, but the expectation is that you have some experience with information security and IT.

In this course, we will focus on refining and expanding your penetration testing methodology, with an emphasis on advanced techniques, toolsets, and strategic thinking. You’ll gain hands-on experience in testing more intricate attack surfaces including Active Directory (AD), Kerberos, and Active Directory Certificate Services (AD CS).

Syllabus

  • Target Identification – You can’t exploit systems and services you don’t know exists. In this course you’ll learn tips and tricks to quickly and safely identify high value targets for deeper testing.
  • Initial Access – Initial Access (IA) comes in many forms. According to the latest Verizon Data Breach Investigation Report (VDBIR), Initial Access is gained through compromised passwords, phishing, and to a lesser degree, exploitation. We’ll cover all these techniques as part of a practical penetration test.
  • Situation Awareness – Once a system is compromised, a penetration tester needs to gain information from the system to learn about the target environment for further attacks. A lot of valuable information can be gained from the network once a single host has been exploited/compromised.
  • Pivoting and Lateral Movement – When a real-world bad guy gains access to a system, they do not stop. They are going to work to extend their reach. In this course, we’ll cover common ways for lateral movement to model real world attackers, and to find issues beyond the surface.
  • Windows Domain and Kerberos – Nearly every organization uses Active Directory (AD). No penetration testing course would be complete without a deep dive into identifying issues in AD, and abusing those issues for privilege escalation, lateral movement, and persistence.
  • Active Directory Certificate Services – Far too often, organizations implement Microsoft’s Active Directory Certificate Services (AD CS), but it isn’t setup security. You’ll get hands on experience using real-world techniques to escalate privileges using this far-too-common technique.

Red Team Summit (March 20th – March 21st, 2025)

  • March 20th – 9:00 AM to 6:00 PM EST
  • March 21st – 9:00 AM to 6:00 PM EST

Prerequisite: Completion of John Strand’s Intro to Penetration Testing course or equivalent hands-on experience with penetration testing fundamentals.

Audience Skill Level: Intermediate

Who Should Take this course: This is designed for professionals learning how attackers work and to understand common, high-impact techniques commonly used by real world attackers. Whether you are a system administrator or defender looking to learn offense, or an offensive person looking to strengthen you’re skill, this is the course for you!

System Requirements

Nothing, just a browser

Live Training

  • Collaborative interaction with Instructor and fellow students through the Antisyphon Discord class channel
  • Access to course slides for future reference
  • Tips, tools, and techniques that can be applied immediately upon returning to work
  • Strengthen your skills by solving challenges within the Antisyphon Cyber Range
  • Become part of a community driven to educate and share knowledge

Complete Package

Penetration Testing: Beyond the Basics with Tim Medin
Pay
$ 575.00
Includes certificate of participation, six months access to class recordings and twelve months access to Cyber Range.
Mar 20 – Mar 21
9am EDT – 6pm EDT
Red Team Summit
$ 575.00

Course Categories:

Pentesting, Red Team