Scroll Top

Hacking Enterprises – 2024 Red Edition

Course Description

Updated for 2024, our Hacking Enterprises training is the natural counterpart to our popular Defending Enterprises course.

In this multi-layered offensive engagement, you will fully compromise a simulated enterprise in this immersive hands-on course that covers a multitude of TTP’s. Targeting modern operating systems including Windows 11, you’ll use modern techniques and focus on exploiting configuration weaknesses rather than throwing traditional exploits. Logical thinking and creativity will definitely be put to the test!

You will work to get initial access in a fictional organisation where multiple networks exist, some easily accessible, others not so. You’ll implant and establish C2, but manual techniques will always be emphasised so you’re equipped with the knowledge to work without reliance on frameworks.

Course content has been designed to reflect real-world challenges and you’ll perform numerous hands-on exercises including executing exploitative phishing campaigns against our simulated users for initial access, finding new networks that in turn bring new challenges including IPv6 exploitation, subverting AMSI and AWL, credential harvesting, passphrase cracking, pivoting, lateral movement, ADCS abuse, userland and privileged persistence via OOB channels and much more!

Our training favours hands-on over theory, with 70% hands-on and 30% theory. We have 17 hands-on exercises ranging from 15-45 mins each.

We realise that training courses are limited for time and therefore students are also provided with the following:

  • 14-day extended LAB access after the course finishes
  • 14-day access to a CTF platform with subnets/hosts not seen during training!
  • Discord support channel access where our security consultants are available

Course contents

Day 1

  • MITRE ATT&CK framework 
  • Overview on using the in-LAB SIEM 
  • Offensive OSINT 
  • IPv6 discovery, enumeration and exploitation 
  • Pivoting, routing, tunnelling and SOCKS proxies 
  • Application enumeration and exploitation via pivots 
  • Linux living off the land and post exploitation 
  • C2 infrastructure and beacon deployment
  • Exploitative phishing against our simulated enterprise users 

Day 2

  • Living off the land tricks and techniques in Windows 
  • P@ssw0rd and p@ssphras3 cracking 
  • Windows exploitation and privilege escalation techniques 
  • Windows Defender/AMSI and UAC bypasses 
  • Credential harvesting
  • Situational awareness and domain reconnaissance

Day 3:

  • Bypassing AWL (AppLocker, PowerShell CLM and Group Policy)
  • Extracting LAPS secrets
  • Active Directory Certificate Services (AD CS) abuse
  • Lateral movement for domain trust exploitation
  • WMI Event Subscriptions for persistence
  • Out of Band (OOB) data exfiltration
  • Domain Fronting

Target audience

This training is suited to a variety of students, including:

  • Penetration testers / Red Team operators
  • SOC analysts
  • Security professionals
  • IT Support, administrative and network personnel

why attend

We teach practical hands-on knowledge and skills that can be used in the field, not classroom theory to pass an exam. Our Windows clients are kept up to date (Windows 11) and have up to date malware definitions, so we’ll be covering techniques that work today rather than ones that worked years ago. Our in-lab SIEM also allows students to view the evidence and logs of their self-generated attacks, providing deeper insight into how their movements may be logged.


  • A firm familiarity of Windows and Linux command line syntax
  • Understanding of networking concepts
  • Previous pentesting and/or SOC experience is advantageous, but not required

Hardware/Software Requirements

  • Students will need to bring a laptop to which they have administrative/root access, running either Windows, Linux or Mac operating systems
  • Students will need to have access to VNC, RDP, SSH and OpenVPN clients on their laptop

Trainers Biography

Will Hunt has been in infosec for over 15 years, co-founded in 2018 and as a pentester has helped secure many organisations through technical security services and training. Will’s delivered hacking courses globally at several conferences including Black Hat and has spoken at several conferences and events. Will also assists the UK government in various technical, educational and advisory capacities. Before Will was a security consultant he was an experienced digital forensics consultant and trainer.

Twitter : @Stealthsploit

Owen Shearing is a co-founder of, a specialist cyber security consultancy offering technical and training services based in the UK. He has a strong background in networking and IT infrastructure, with well over a decade of experience in technical security roles. Owen has provided technical training to a variety of audiences at bespoke events as well as Black Hat, Wild West Hackin’Fest, NolaCon, 44CON, TROOPERS, BruCON and Hack in Paris. He keeps projects att

Twitter : @rebootuser

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.