Windows Exploitation and Analysis Training (WEA)
Windows Exploitation and Analysis Training (WEA) Course with hands-on labs
This five-days Windows Exploitation and Analysis Training (WEA) teaches the essentials of remote network exploitation to help students develop strategies to protect and defend their networks and critical information. Students learn how to analyze remote Windows networks, locate user credentials, and expand their access across a network.
Windows Exploitation and Analysis Training (WEA) provides an in-depth look at the essentials of remote network exploitation, from scanning and enumeration of a network space to performing client-side attacks. This Windows Exploitation and Analysis Training (WEA) course is for computer network professionals, software developers, and security professionals who are responsible for protecting Windows networks and data from threats.
Windows Exploitation and Analysis Training (WEA) – Customize It
- We can adapt this Windows Exploitation and Analysis Training (WEA) course to your group’s background and work requirements at little to no added cost.
- If you are familiar with some aspects of this course, we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the course around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the course in manner understandable to lay audiences.
Windows Exploitation and Analysis Training (WEA) – Audience/Target Group
The target audience for this course:
- IT professionals involved with information system security, computer forensics, and incident response
Windows Exploitation and Analysis Training (WEA) – Class Prerequisites
The target audience for this course:
- Understanding of basic-to-intermediate networking concepts.
- Experience using the Windows command line.
- Basic understanding of Windows file systems.
- Experience using the Kali Linux distribution.
- Experience using the Metasploit Framework.
- Basic understanding of malicious code (malware, viruses, worms, etc.)
- Knowledge of using open source tools and repositories to conduct research against a target network.
Windows Exploitation and Analysis Training (WEA) – Objectives:
Upon completing this course, learners will be able to meet these objectives:
- Apply open source tools (Metasploit and Armitage) to identify key target information
- Documenting data in a target template
- Analyze and interpret research data to determine an operational strategy
- Craft and deploy phishing emails to obtain target browser data
- Explore techniques associated with collecting data and expanding access
- Define the Offensive Methodology.
- Demonstrate basic familiarity with the phases of the Offensive Methodology.
- Analyze returned data to better determine the next steps.
- Conduct offensive computer network operations (CNO) against Windows systems using the process, techniques, and concepts of the offensive methodology.
Windows Exploitation and Analysis Training (WEA) – Course Content:
1. Introduction: Introduction to the Offensive Methodology and overview of documenting data in the Target Template
2. Information Gathering Website mining for key information and techniques to discover new servers through DNS brute forcing, zone transfers, etc.
3. Scanning and Enumeration Network-based scanning and enumeration using command line tools and exploits using web browser enumeration
4. Gaining Access Metasploit exploit, port redirection and tunneling techniques, client-side exploitation and botnet deployment
5. Expanding Access Windows Registry queries, system safety and security checks, methods for discovering files of interest, querying the Windows Active Directory, methods to crack passwords, and using pass-the-hash to access Windows systems
6. Sustaining Access Antivirus tool detection and intrusion detection systems, and techniques to sustain access