top of page
BruCON-2022-102 (1).png

Hacking Enterprises – 2025 Red Edition

3-day in-person course

Our 2025 revision is a major update – a new lab built from the ground up with new and exciting content! Hacking Enterprises is the natural counterpart to our popular Defending Enterprises course.


In this multi-layered offensive engagement, you will fully compromise a simulated enterprise in this immersive hands-on course that covers a multitude of TTP's. Using modern techniques and focusing on exploiting configuration weaknesses rather than throwing traditional exploits, your logical thinking and creativity will definitely be put to the test!


During this realistic threat emulation, you’ll perform OSINT reconnaissance to identify initial access vectors for a fictional organisation. Later, you’ll phish your way in where you’ll identify multiple networks, some easily accessible, others not so. Targeting modern operating systems including Windows Server 2025 within an enterprise VDI environment, you’ll implant and establish C2, but manual techniques will always be emphasised so you’re equipped with the knowledge to work without reliance on frameworks.


With real-world challenges, you’ll perform hands-on exercises including exploitative phishing against simulated users, tackle IPv6, perform proxying, pivoting and tunnelling, subvert AMSI, AV and AWL, credential harvesting, passphrase cracking, lateral movement, MSSQL and ADCS abuse, abusing domain trusts, performing Microsoft Azure attacks, persistence and much more!

Agenda


Day 1

  • MITRE ATT&CK framework

  • Offensive OSINT

  • IPv6 discovery, enumeration and exploitation

  • Pivoting, routing, tunnelling and SOCKS proxies

  • Linux living off the land and post exploitation

  • P@ssw0rd cracking – custom character-set attacks

  • Exploitative phishing against our simulated enterprise users


Day 2

  • C2 infrastructure and beacon deployment

  • Living off the land in Windows

  • P@ssphras3 cracking

  • Situational awareness and domain recon

  • Windows exploitation and privilege escalation techniques

  • Windows Defender/AMSI and UAC bypasses

  • Credential harvesting


Day 3

  • RDP hijacking

  • Bypassing AWL

  • Active Directory Certificate Services (AD CS) abuse

  • MSSQL linked server discovery, execution and exploitation

  • Lateral movement for domain trust exploitation

  • Azure IMDS exploitation for secret stealing


We realise that training courses are limited for time and therefore students are also provided with the following:

  • 14-day extended LAB access after the course finishes

  • 14-day access to a CTF platform including challenges not discussed/seen during training!

  • Discord support channel access where our security consultants are available

Target Audience

 

This training is suited to a variety of students, including:

  • Penetration testers / Red Team operators

  • SOC analysts

  • Security professionals

  • IT Support, administrative and network personnel


Training level


Beginner/ Intermediate

Pre-requisites


  • A firm familiarity of Windows and Linux command line syntax

  • Understanding of networking concepts

  • Previous pentesting and/or SOC experience is advantageous, but not required


Students should bring

  • Students will need to bring a laptop to which they have administrative/root access, running either Windows, Linux or Mac operating systems

  • Students will need to have access to RDP, SSH and OpenVPN clients on their laptop

Trainer Bio


Will (@Stealthsploit) has been in infosec for over 15 years, co-founded In.security in 2018 and as a pentester has helped secure many organisations through technical security services and training. Will's delivered hacking courses globally at several conferences including Black Hat and has spoken at several conferences and events, as well as helping run Password Village at DEFCON. Will also assists the UK government in various technical, educational and advisory capacities. Before Will was a security consultant he was an experienced digital forensics consultant and trainer.

Owen (@rebootuser) is a co-founder of In.security, a specialist cyber security consultancy offering technical and training services based in the UK. He has a strong background in networking and IT infrastructure, with well over two decades of experience in technical security roles. Owen has provided technical training to a variety of audiences at bespoke events as well as Black Hat, Wild West Hackin' Fest, NolaCon, 44CON, TROOPERS, BruCON and Hack in Paris. He keeps projects at https://github.com/rebootuser.

bottom of page