bootcamps.pentesteracademy.com Open in urlscan Pro
34.86.36.208  Public Scan

Submitted URL: https://t.co/stXl7Udbup
Effective URL: https://bootcamps.pentesteracademy.com/course/ad-beginner-jan-23?utm_source=twitter&utm_medium=social&utm_campaign=bootcamp-ad_beginner...
Submission: On December 26 via manual from IN — Scanned from DE

Form analysis 3 forms found in the DOM

<form class="lead-form" data-node-type="lead-form" id="el_1602254884649_23">
  <div class="lw-cols one-row one-row-tl one-row-tp multiple-rows-sl multiple-rows-sp align-items-stretch">
    <div class="col no-padding span_5_of_12 span_5_of_12-tl span_4_of_12-tp span_6_of_12-sl mb-2rem-sl span_12_of_12-sp mb-2rem-sp flex-item flexible">
    </div>
    <div class="col no-padding span_5_of_12 span_5_of_12-tl span_4_of_12-tp span_6_of_12-sl mb-2rem-sl span_12_of_12-sp mb-2rem-sp flex-item flexible">
      <input type="email" class="full-height learnworlds-input learnworlds-element learnworlds-input-normal js-email-input learnworlds-input-outline-dark" data-node-type="input" placeholder="E-mail address" data-magic="input"
        id="el_1602254884649_24">
    </div>
    <div class="col no-padding span_2_of_12 span_2_of_12-tl span_4_of_12-tp span_12_of_12-sl span_12_of_12-sp flex-item flexible">
      <div class="learnworlds-button-wrapper lw-content-block learnworlds-element js-same-content-wrapper nowrap" data-node-type="buttonWrapper" id="el_1602254884649_25">
        <button class="learnworlds-button learnworlds-element js-same-content-child learnworlds-button-normal full-width learnworlds-button-solid-dark" data-node-type="button" id="el_1602254884649_26">
          <span data-node-type="text" data-magic="button-text" id="el_1602254884649_27">Notify me!</span>
        </button>
      </div>
    </div>
  </div>
  <div class="lead-form__optin-checkbox">
    <label class="checkbox-label with-flexible-parts lw-checkbox learnworlds-align-left">
      <input class="checkbox flexible-part js-optin-checkbox" type="checkbox">
      <div class="checkbox-box lw-border-color-fadeout80 flexible-part">
        <span class="learnworlds-icon learnworlds-heading3-small fas fa-check"></span>
      </div>
      <div class="flexible-part">
        <div class="learnworlds-main-text  learnworlds-main-text-normal learnworlds-element js-optin-checkbox-label">I would like to receive news, tips and tricks, and other promotional material</div>
      </div>
    </label>
  </div>
</form>

<form class="lead-form" data-node-type="lead-form" id="el_1602254884650_32">
  <div class="lw-cols one-row one-row-tl one-row-tp one-row-sl multiple-rows-sp with-input-cols input-btn-join align-items-stretch no-gutter">
    <div class="col no-padding span_2_of_12 span_2_of_12-tl span_2_of_12-tp span_2_of_12-sl span_12_of_12-sp flex-item flexible js-same-content-child va-c learnworlds-align-right" data-node-type="column" id="el_1602254884650_33">
    </div>
  </div>
  <div class="lead-form__optin-checkbox">
    <label class="checkbox-label with-flexible-parts lw-checkbox learnworlds-align-left">
      <input class="checkbox flexible-part js-optin-checkbox" type="checkbox">
      <div class="checkbox-box lw-border-color-fadeout80 flexible-part">
        <span class="learnworlds-icon learnworlds-heading3-small fas fa-check"></span>
      </div>
      <div class="flexible-part">
        <div class="learnworlds-main-text learnworlds-main-text-normal learnworlds-element js-optin-checkbox-label">I would like to receive news, tips and tricks, and other promotional material</div>
      </div>
    </label>
  </div>
</form>

POST

<form method="post" target="dummy" action="" autocomplete="off">
  <div class="error-wrapper p-5-10 mb-20 js-original-signin-error-wrapper" style="display:none">
    <p class="learnworlds-main-text no-margin-bottom learnworlds-main-text-very-small js-signin-error-msg"></p>
  </div>
  <div class="-form-login-inputs">
    <div class="mb-10 email-input-wrapper">
      <label class="landing-form-input-lbl learnworlds-main-text-small mb-5">What's your e-mail?</label>
      <input type="email" class="sign-input -email-input js-signin-input learnworlds-input no-margin-bottom learnworlds-input-small learnworlds-input-solid-light" name="email" placeholder="E-mail">
    </div>
    <div class="mb-20 pass-input-wrapper">
      <label class="landing-form-input-lbl learnworlds-main-text-small mb-5">Your password?</label>
      <input type="password" class="sign-input -pass-input js-signin-input learnworlds-input no-margin-bottom learnworlds-input-small learnworlds-input-solid-light" name="password" placeholder="Password">
    </div>
  </div>
  <div class="-form-login mb-30">
    <div id="submitLogin" class="-login-but form-button js-enterFocus w-full learnworlds-button-small learnworlds-button learnworlds-button-solid-brand">
      <div class="btn-loader a-i-c j-c-sb">
        <div class="btn-loader-part part1"></div>
        <div class="btn-loader-part part2"></div>
        <div class="btn-loader-part part3"></div>
      </div>
      <span class="btn-lbl">Login</span>
    </div>
  </div>
  <div class="-form-create-forgot flex a-i-c j-c-sb">
    <a href="javascript:void(0)" class="-create-account underline-hover learnworlds-main-text-very-small">Create&nbsp;<span class="outside-text">Account</span><span class="inside-text">a new account for free</span></a>
    <a href="javascript:void(0)" class="-forgot-pass learnworlds-main-text-very-small">Forgot your password?</a>
  </div>
</form>

Text Content

 * Home
 * Latest Bootcamps
 * Certifications
 * Instructors
 * Team Enrollment
 * On-Demand Labs
 * Contact Us
 * Mailing List
 * FAQ
 * Sign in




ATTACKING AND DEFENDING ACTIVE DIRECTORY: BEGINNER'S EDITION [JAN 2023]

Our 4-week beginner bootcamp teaches you to attack and defend Enterprise Active
Directory environments. Covers AD enumeration, trust mapping, Kerberos based
attacks and more! Earn the Certified Red Team Professional (CRTP) certification.
View Syllabus

Enroll $499 $299
Inquire about team enrollment

Starts: 08 January 2023  Duration: 4 weeks
Recordings of live sessions included!

ENROLLMENT ENDS IN:


WHAT YOU'LL LEARN

This is a 4-week beginner-friendly bootcamp, designed to teach security
professionals how to identify and analyze threats in a modern Active Directory
environment. The bootcamp will cover topics like Active Directory (AD)
enumeration, trust mapping, domain privilege escalation, Kerberos based attacks,
SQL server trusts, defenses and bypasses of defenses.


The bootcamp will teach you how to attack and defend Enterprise Active Directory
environments and will give you an opportunity to become a Certified Red Team
Professional.



 * 4 LIVE SESSIONS


 * 3 HRS PER SESSION


 * 4 WEEKS ACCESS


 * 40 FLAGS TO BE COLLECTED


 * 22 LAB EXERCISES


 * 1 CRTP ATTEMPT


 * RECORDINGS OF LIVE SESSIONS

BUILD YOUR CYBERSECURITY CREDENTIALS


 * BECOME A CERTIFIED RED TEAM PROFESSIONAL (CRTP)

The CRTP is a major achievement for anyone who wants to show they have serious
skills in attacking and defending real-world enterprise Active Directory
environments. This certification on your CV prepares you for Red Team, Blue Team
and pentesting roles in enterprises across the globe – more than 90% of Fortune
1000 companies use Active Directory.


 * BOOTCAMP COMPLETION CERTIFICATE

Attendees will also get a course completion certificate after completing
Learning Objectives covered during the course.



LIVE SESSION SCHEDULE

Weekly 3 hr sessions start at 11:00am ET and end at 2:00pm ET.
08 January 2023
15 January 2023
22 January 2023
29 January 2023
Introduction to Active Directory, Enumeration and Local Privilege Escalation
Lateral Movement, Domain Privilege Escalation and Persistence
Domain Persistence, Dominance and Escalation to Enterprise Admins
Defenses, Monitoring and Bypassing Defenses


PREREQUISITES

1. A basic understanding of Active Directory
2. The ability to use command line tools on Windows

Enroll Now



COURSE REVIEWS

The bootcamp was awesome! I learned all sorts of Red Teaming techniques, tactics
and procedures that I have already applied and can't wait to apply in future
engagements. The bootcamp was the best training for the dollar that I have
received, and I anxiously look forward to attending additional offerings and
highly recommend the course.
Kenneth Nevers
Penetration tester and business owner, USA

Attacking and Defending Active Directory: Beginner's Edition Batch 1



BOOTCAMP SYLLABUS

Download PDF Syllabus
Write your awesome label here.



The course is split in four modules across four weeks:


MODULE I: ACTIVE DIRECTORY ENUMERATION AND LOCAL PRIVILEGE ESCALATION



 * Enumerate useful information like users, groups, group memberships,
   computers, user
   properties, trusts, ACLs etc. to map attack paths
 * Learn and practice different local privilege escalation techniques on a
   Windows machine
 * Hunt for local admin privileges on machines in the target domain using
   multiple methods
 * Abuse enterprise applications to execute complex attack paths that involve
   bypassing antivirus and pivoting to different machines


MODULE II: LATERAL MOVEMENT, DOMAIN PRIVILEGE ESCALATION AND PERSISTENCE



 * Learn to find credentials and sessions of high privileges domain accounts
   like Domain Administrators, extracting their credentials and then using
   credential replay attacks to escalate privileges, all of this with just using
   built-in protocols for pivoting
 * Learn to extract credentials from a restricted environment where application
   whitelisting is enforced. Abuse derivative local admin privileges and pivot
   to other machines to escalate privileges to domain level
 * Understand the classic Kerberoast and its variants to escalate privileges
 * Understand and exploit delegation issues
 * Learn how to abuse privileges of Protected Groups to escalate privileges
 * Abuse Kerberos functionality to persist with DA privileges. Forge tickets to
   execute attacks like Golden ticket and Silver ticket to persist
 * Subvert the authentication on the domain level with Skeleton key and custom
   SSP
 * Abuse the DC safe mode Administrator for persistence
 * Abuse the protection mechanism like AdminSDHolder for persistence


MODULE III: DOMAIN PERSISTENCE, DOMINANCE AND ESCALATION TO ENTERPRISE ADMINS



 * Abuse minimal rights required for attacks like DCSync by modifying ACLs of
   domain
   objects
 * Learn to modify the host security descriptors of the domain controller to
   persist and
   execute commands without needing DA privileges
 * Learn to elevate privileges from Domain Admin of a child domain to Enterprise
   Admins on the forest root by abusing Trust keys and krbtgt account
 * Execute intra-forest trust attacks to access resources across forest
 * Abuse database links to achieve code execution across forest by just using
   the databases


MODULE IV: MONITORING, ARCHITECTURE CHANGES, BYPASSING ADVANCED THREAT ANALYTICS
AND DECEPTION

 * Learn about useful events logged when the discussed attacks are executed
 * Learn briefly about architecture changes required in an organization to avoid
   the discussed attacks. We discuss Temporal group membership, ACL Auditing,
   LAPS, SID Filtering, Selective Authentication, credential guard, device guard
   (WDAC), Protected Users Group, PAW, Tiered Administration and ESAE or Red
   Forest
 * Learn how Microsoft's Advanced Threat Analytics and other similar tools
   detect domain attacks and the ways to avoid and bypass such tools
 * Understand how Deception can be effective deployed as a defense mechanism in
   AD

Meet the instructor


NIKHIL MITTAL

Nikhil Mittal is a hacker, infosec researcher, speaker and enthusiast. His area
of interest includes red teaming, active directory security, attack research,
defense strategies and post exploitation research. He has 12+ years of
experience in red teaming.

He specializes in assessing security risks at secure environments that require
novel attack vectors and "out of the box" approach. He has worked extensively on
Active Directory, Azure AD attacks, defense and bypassing detection mechanisms
and Offensive PowerShell for red teaming. He is creator of multiple tools like
Nishang, a post exploitation framework in PowerShell, Deploy-Deception a
framework for deploying Active Directory deception and RACE toolkit for
attacking Windows ACLs. In his spare time, Nikhil researches on new attack
methodologies and updates his tools and frameworks.

Nikhil has held trainings and bootcamps for various corporate clients (in US,
Europe and SE Asia), and at the world’s top information security conferences. He
has spoken/trained at conferences like DEFCON, BlackHat, BruCON and more.

He blogs at https://www.labofapenetrationtester.com/


Nikhil Mittal - Principal Instructor





CAN'T ATTEND THIS BOOTCAMP? GET INFORMED ABOUT FUTURE BOOTCAMPS!

Notify me!
I would like to receive news, tips and tricks, and other promotional material
Thank you!
I would like to receive news, tips and tricks, and other promotional material
Thank you!
 * Online cybersecurity training
 * Earn certifications
 * Suitable for beginners
 * Expert trainers
 * Join a community of professionals from 130+ countries


FEATURED LINKS



 * Home
 * Contact us
 * Bootcamps
 * Terms & Conditions
 * Instructors
 * Privacy Policy


CONNECT WITH US

 *  
   
 *  
   
 *  
   
 *  
   

Copyright ©2022


Login or sign up to start learning
Start learning
or

What's your e-mail?
Your password?

Login
Create Accounta new account for free Forgot your password?
Sign up to Pentester Academy!


or
click to upload avatar
What's your name?
What's your e-mail?
Your password?

Your phone number?
Your address?
Your country?
Your country?
Country Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola
Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia
Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize
Benin Bermuda Bhutan Bolivia, Plurinational State of Bonaire, Sint Eustatius and
Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean
Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon
Canada Cape Verde Cayman Islands Central African Republic Chad Chile China
Christmas Island Cocos (Keeling) Islands Colombia Comoros Congo Congo, the
Democratic Republic of the Cook Islands Costa Rica Côte d'Ivoire Croatia Cuba
Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic
Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland
Islands (Malvinas) Faroe Islands Fiji Finland France French Guiana French
Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana
Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea
Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See (Vatican
City State) Honduras Hong Kong Hungary Iceland India Indonesia Iran, Islamic
Republic of Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan
Kazakhstan Kenya Kiribati Korea, Democratic People's Republic of Korea, Republic
of Kuwait Kyrgyzstan Lao People's Democratic Republic Latvia Lebanon Lesotho
Liberia Libya Liechtenstein Lithuania Luxembourg Macao Macedonia, the former
Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall
Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia, Federated
States of Moldova, Republic of Monaco Mongolia Montenegro Montserrat Morocco
Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand
Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman
Pakistan Palau Palestinian Territory, Occupied Panama Papua New Guinea Paraguay
Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania
Russian Federation Rwanda Saint Barthélemy Saint Helena, Ascension and Tristan
da Cunha Saint Kitts and Nevis Saint Lucia Saint Martin (French part) Saint
Pierre and Miquelon Saint Vincent and the Grenadines Samoa San Marino Sao Tome
and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Sint
Maarten (Dutch part) Slovakia Slovenia Solomon Islands Somalia South Africa
South Georgia and the South Sandwich Islands South Sudan Spain Sri Lanka Sudan
Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab
Republic Taiwan, Province of China Tajikistan Tanzania, United Republic of
Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey
Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates
United Kingdom United States United States Minor Outlying Islands Uruguay
Uzbekistan Vanuatu Venezuela, Bolivarian Republic of Viet Nam Virgin Islands,
British Virgin Islands, U.S. Wallis and Futuna Western Sahara Yemen Zambia
Zimbabwe
Your birthday?
Your company name?
Your company size?
Company Size 1-10 11-25 26-50 51-100 101-200 201-500 500+
Your Profession?
Profession Architect Contractor Engineer Facility mgmt Other Private Promoter
Architekt Auftragnehmer Ingenieur Facility mgmt Andere Privat Projektträger
Architect Aannemer Ingenieur Facility Manager Andere Privé Promotor Architecte
Entrepreneur Ingénieur Gestionnaire d'installation Autre Particulier Promoteur
Your website?
Your university?
Your graduation year?
I accept the Terms & Conditions
I would like to receive news, tips and tricks, and other promotional material

Start your learning journey
Sign in with your account Forgot your password?
Get a brand new password!
What's your e-mail?




OK
cancel
Get a brand new password!
Enter it below, please

Enter it once more, please




OK
cancel