Tactical Exploitation: Attacking UNIX

Attack Research (AR) is a boutique security firm located in Northern New Mexico which specializes in advanced information security, especially concerning targeted and sophisticated attacks. Rather than offering security-only focused solutions, AR works to understand the client’s business needs in order to tailor the best solution possible.AR brings extensive experience, operating in a broad variety of complex environments that include sensitive government networks and Fortune 500 companies ranging from embedded systems, finance, government, and avionics to oil & gas. AR is well known in the information security research community, having presented numerous times at Blackhat, Defcon, SANS and other similar security conferences.

Attack Research, LLC

Tactical Exploitation: Attacking UNIX is Attack Research's unique approach to compromising UNIX environments without relying on traditional exploits. In this two-day course, students will become proficient in the skills necessary to compromise UNIX environments using the same methods as real-world attackers rather than compliance-based penetration testing techniques. Skills to be covered include: host recon, network recon, and credential hijacking, and students will learn how to take advantage of configuration and design flaws.
This course focuses primarily on Linux and FreeBSD/OS X and will include SSH, Kerberos, kernel modules, file sharing, privilege escalation, home directories, and logging. Once finished with this course, students will have a foundation on how attacks on UNIX actually happen and how to secure against them from the post-exploitation stage.
Like all classes offered by Attack Research, Tactical Exploitation: Attacking UNIX is very hands on, with a virtual enterprise network environment for students to practice the techniques they learn from the course lecture. Exercises are then demonstrated so each student gets a deep understanding. For more advanced students, there are additional challenges within the environment for them to discover.
 
<H2 CLASS="MediumHeading">Target Audience</H2>
<UL>
<LI>
Penetration Testers
</LI>
<LI>
Detection and Response Staff
</LI>
<LI>
System Administrators
</LI>
<LI>
Developers
</LI>
</UL>
 
<H2 CLASS="MediumHeading">Course Outline</H2>
<UL>
<LI>
Introductory Concepts and Thinking Like an Attacker
</LI>
<LI>
Host Recon
</LI>
<LI>
Leveraging Trusts & Lateral Movement
</LI>
<LI>
Kerberos Inherent Weaknesses
</LI>
<LI>
SSH Abuse
</LI>
<LI>
LD_PRELOAD Tricks
</LI>
<LI>
PAM Trojaning
</LI>
<LI>
X11 Attacks
</LI>
</UL>
 
We believe that attacking networks requires proficiency in all platforms, so please also consider attending our Tactical Exploitation: Attacking Windows class.
<H2 CLASS="MediumHeading"> </H2>
<H2 CLASS="MediumHeading">Course Instructor Bio</H2>
This course is taught by a highly experienced member of Attack Research staff. Instructors have over 10 years of experience implementing, supporting, securing, and compromising large and complex multi-platform environments. Instructors are currently engaged in senior-level penetration testing of highly secured UNIX and Windows networks and frequently research, develop, and deploy custom tools and techniques during engagements.
Tactical Exploitation: Attacking UNIX instructors also bring a wealth of knowledge gained from performing incident response on compromised systems in the field including analysis of attacker tools and techniques. Many of the topics covered in the course are taken directly from instructors' case studies and represent real-world events.
<H2 CLASS="MediumHeading"> </H2>
<H2 CLASS="MediumHeading">Student Requirements</H2>
Students must bring their own machines. Student machines can be of any platform but must include SSH, a web browser, and PDF Viewer. Students must also have sufficient administrative access and understanding of configuring network settings in order to make configuration changes as necessary.
Students must have:
<UL>
<LI>
A concept of scripting languages such as Python/Perl/Ruby/Bash.
</LI>
<LI>
A familiarity with UNIX system administration and networking concepts.
</LI>
</UL>
<H2 CLASS="MediumHeading"> </H2>
<H2 CLASS="MediumHeading">Course Background</H2>
Tactical Exploitation: Attacking UNIX focuses on the UNIX portion of our most popular multi-platform class, Tactical Exploitation.  After several requests for even more detail, Attack Research decided to separate the UNIX and Windows platforms.  This format has been taught at our local headquarters and has been well received.  The four-day parent class Tactical Exploitation has been taught and well received multiple years at Black Hat, BruCON, Countermeasure, and other security conferences.
<H2 CLASS="MediumHeading">Students Provided With</H2>
Students leave the class with full documentation and the entire custom and non-custom toolsets, as well as the custom tools that they design and build in the class. Students walk away from AR training sessions not only with the usual training materials, but with a wealth of knowledge for both attacking and defending networks.
AR employs a very hands-on approach to teaching by having the students spend approximately 50% of class time performing practical exercises in a lab environment designed to simulate real-world enterprise networks. This type of class structure has been a proven success in retention of skills learned as well as student engagement. Our unique lab environments are replicas of the types of production networks that students will encounter in the real world.

Attack Research

Our {communityGuidelinesLink} describe the sort of content we prohibit on Eventbrite. If you suspect an event may be in violation, you can report it to us so we can investigate.

To report other categories of prohibited or illegal content, submit {link}

Tactical Exploitation: Attacking UNIX

More events from Attack Research, LLC

Discover more events from Attack Research, LLC, from Science & Tech to other experiences you might love.

Still looking for the right event?

Explore all events in Los Alamos and filter by date, category, and more to find the perfect fit.

Tactical Exploitation: Attacking UNIX

More events from Attack Research, LLC

Discover more events from Attack Research, LLC, from Science & Tech to other experiences you might love.

You might also like...

Browse more events with different dates, prices, and formats to find your next great experience.

Still looking for the right event?

Explore all events in Los Alamos and filter by date, category, and more to find the perfect fit.