Hands-On Security Lab 

Course & Training

This two-day course sensitises participants to cyber security threats by giving them hands-on experience of penetration testing techniques in a comprehensive lab environment.

In this hands-on security lab, participants are shown the effects of security lapses in a practical way by taking on the perspective of the attacker themselves. Among other things, participants learn how to identify and exploit vulnerabilities and misconfigurations, escalate privileges and extract data. Subsequently, the perspective of a defender is adopted and mitigation strategies are developed.
An extensive, pre-configured lab environment consisting of several virtual machines with practical, tailored hands-on lab tasks accompanied by theoretical input and a ready-made solution path is provided.

In-House Course:

We are happy to conduct tailored courses for your team - on-site, remotely or in our course rooms.

Request In-House Course

Public Course Schedule:

   

Content:


- Reconnaissance
... - Concept of the Cyber Kill Chain
... - Overview of reconnaissance methods
... - Lab network exploration with network scan
... - Lab identification of vulnerable services
- Exploiting misconfigurations & vulnerabilities
... - Key terms in cyber security
... - Overview of common vulnerabilities and misconfigurations
... - Lab with manual exploit
... - Lab with Metasploit
... - Overview of other exploit techniques
- Showing the effects of unpatched systems
... - Presentation of Common Vulnerabilities and Exposures (CVE) & CIA Triad
... - Lab with known CVEs and their various implications
- Privilege escalation
... - Theory of privilege escalation
... - Lab privilege escalation
- Kernel vulnerabilities
... - Lab malicious kernel modules
... - Lab vulnerable kernel modules
... - Kernel security mechanisms
- SUID & SGID
... - Risks of SUID & SGID
... - Lab SUID & SGID
- Incorrect file permissions & Sudo misconfigurations
... - Lab risks of incorrect file permissions
... - Lab symlink attacks
... - Lab Sudo misconfigurations from GTFOBins to LD_PRELOAD
- Propagation through shared storage
... - Theory propagation through shared storage
... - Lab initial propagation using shared storage
... - Lab privilege escalation through no_root_squash
... - Lab exploitation of trust relationships through compromised authentication key
- Exploiting a vulnerability in a workload manager
... - Exploiting a vulnerability in the workload manager (SLURM)
... - Intended functionality and exploit sequence
... - Lab understanding and exploiting the vulnerability
... - Lab applying and verifying the security patch
... - Assessing the vulnerability
- Maintaining access
... - Overview of persistence methods
... - Lab SSH authorised keys
... - Lab hidden cron jobs
... - Lab shell configuration files
... - Lab web shells
... - Lab SUID binary backdoors
... - Lab shared library
... - Detection and prevention
... - Advanced persistence mechanisms
- Lateral movement
... - Lateral movement process
... - Common lateral movement techniques
... - Recognition and prevention
... - Lab from foothold to final target
- Data exfiltration
... - Overview of exfiltration methods
... - Exfiltration process
... - Lab using the example of data exfiltration with DNS tunnelling
... - Lab detection and prevention
- Centralised authentication / LDAP
... - Overview of LDAP vulnerabilities and attack vectors
... - Lab anonymous bind
... - Lab on unencrypted synchronisation and backdoor admin user
- Optional: Attack stories workshop
... - Attack stories workshop with various threat actors
... - Threat modelling results
- Summary and conclusion


Disclaimer: The actual course content may vary from the above, depending on the trainer, implementation, duration and constellation of participants.

Whether we call it training, course, workshop or seminar, we want to pick up participants at their point and equip them with the necessary practical knowledge so that they can apply the technology directly after the training and deepen it independently.

Goal:

In this course, participants will develop a sound understanding of the fundamentals and more advanced concepts of security in complex IT environments. The aim is that after the course you will be able to recognise risks and use effective security measures, ranging from network scans to data exfiltration. The attacker-focussed labs and the practical demonstration of the possible consequences of security shortcomings will raise participants' security awareness in the long term. The importance and limitations of the respective security precautions are also emphasised and cybersecurity is shown as a holistic system consisting of many individual security precautions.


Form:

Proven mix of explanation, live hacking in the lab environment and findings including possible mitigation measures and further discussion.


Target Audience:

The target audience for this course consists of software developers, systems engineers, system architects and other IT professionals who wish to expand their knowledge of cyber security with a focus on penetration testing and system security. The course is aimed at participants who already have a basic knowledge of Linux and would like to deepen their understanding of security aspects. No in-depth knowledge of the topics and labs covered is necessary, as the necessary theory will be worked through together in advance.


Requirements:

Basic Linux command line knowledge and understanding of networking concepts.


Preparation:

Each participant will receive a questionnaire and instructions for accessing the course infrastructure after registration. We send personalised feedback based on the answers.

Request In-House Course:

In-House Kurs Anfragen

Waitinglist for public course:

Sign up for the waiting list for more public course dates. Once we have enough people on the waiting list, we will determine a date that suits everyone as much as possible and schedule a new session. If you want to participate directly with two colleagues, we can even plan a public course specifically for you.

Waiting List Request

(If you already have 3 or more participants, we will discuss your preferred date directly with you and announce the course.)

More about Hands-On Security Lab



Penetration testing is an essential discipline of cybersecurity that aims to identify vulnerabilities in IT systems through simulated attacks. This Hands-On Security Lab provides a unique learning environment where participants take on the perspective of attackers to understand security gaps and develop effective defense strategies.




History


Penetration testing emerged in the 1960s when computer systems were first systematically tested for security vulnerabilities. The term "Ethical Hacking" was coined in the 1990s when security experts began using attack techniques to improve systems.


The development of modern penetration testing methods was significantly advanced by organizations like SANS Institute and OWASP. Frameworks like the MITRE ATT&CK Matrix have revolutionized the systematization of attack techniques.


Today, penetration testing is an indispensable component of cybersecurity and is governed by international standards like ISO 27001 and frameworks like NIST. The continuous evolution of attack techniques and defense strategies makes regular training and practical exercises essential.