Hacking Enterprises - 2025 Edition

Our 2025 revision is a major update – a new lab built from the ground up with new and exciting content! Hacking Enterprises is the natural counterpart to our popular Defending Enterprises course.

In this multi-layered offensive engagement, you will fully compromise a simulated enterprise in this immersive hands-on course that covers a multitude of TTP’s. Using modern techniques and focusing on exploiting configuration weaknesses rather than throwing traditional exploits, your logical thinking and creativity will definitely be put to the test!

Our 2025 revision is a major update – a new lab built from the ground up with new and exciting content! Hacking Enterprises is the natural counterpart to our popular Defending Enterprises course.

During this realistic threat emulation, you’ll perform OSINT reconnaissance to identify initial access vectors for a fictional organisation. Later, you’ll phish your way in where you’ll identify multiple networks, some easily accessible, others not so. Targeting modern operating systems including Windows Server 2025 within an enterprise VDI environment, you’ll implant and establish C2, but manual techniques will always be emphasised so you’re equipped with the knowledge to work without reliance on frameworks.

With real-world challenges, you’ll perform hands-on exercises including exploitative phishing against simulated users, tackle IPv6, perform proxying, pivoting and tunnelling, subvert AMSI, AV and AWL, credential harvesting, passphrase cracking, lateral movement, MSSQL and ADCS abuse, abusing domain trusts, performing Microsoft Azure attacks, persistence and much more!

We know 2 days isn’t a lot of time, so you’ll also get 14-days FREE lab time after class, Discord access for support and access to a post-training CTF containing hosts and networks not seen during training!

Agenda:

Day 1

MITRE ATT&CK framework
Offensive OSINT
IPv6 discovery, enumeration and exploitation
Pivoting, routing, tunnelling and SOCKS proxies
Linux living off the land and post exploitation
P@ssw0rd cracking – custom character-set attacks
Exploitative phishing against our simulated enterprise users
C2 infrastructure and beacon deployment
Living off the land in Windows

Day 2

P@ssphras3 cracking
Situational awareness and domain recon
Windows exploitation and privilege escalation techniques
Windows Defender/AMSI and UAC bypasses
Credential harvesting
RDP hijacking
Bypassing AWL
Active Directory Certificate Services (AD CS) abuse
MSSQL linked server discovery, execution and exploitation
Lateral movement for domain trust exploitation
Azure IMDS exploitation for secret stealing

After Class

We realise that training courses are limited for time and therefore students are also provided with the following:

14-day extended LAB access after the course finishes
14-day access to a CTF platform including challenges not discussed/seen during training!
Discord support channel access
All students have access to a training platform (during the event and for 14-days after training completes) in which exercises are provided along with detailed instructions on how to achieve the task.

Who Should Attend

This training is suited to a variety of students, including:

Penetration testers / Red Team operators
SOC analysts
Security professionals
IT Support, administrative and network personnel

Who Should Not Take

Non-technical individuals would not be suited to this course and anyone who is not comfortable at a Linux/Windows command line.

Requirements

A firm familiarity of Windows and Linux command line syntax
Understanding of networking concepts
Previous pentesting and/or SOC experience is advantageous, but not required

Students should bring

Students will need to bring a laptop to which they have administrative/root access, running either Windows, Linux or Mac operating systems
Students will need to have access to RDP and SSH and OpenVPN clients on their laptop

Training

Hacking Enterprises - 2025 Edition

About the Speakers