Training duration: 3 days of pure hacking and feeling "1337"
Group size: 10 participants maximum
Target audience: System administrators, information security specialists and -managers and any other IT personnel that is not afraid of the shell or command prompt
Pre-requisites: Prior HOHE participation is required to take this course to ensure minimum same level of participants
Hands-on Hacking Advanced (HOHA) is a follow-up to our Hands-on Hacking Essentials (HOHE) training. While HOHE is an eye-opening “shock therapy” training mostly for defenders, HOHA introduces more of the attacker and red teaming perspective. While the training still focuses mostly on the individual skills of participants, we will introduce red team team-working mode towards the end of the training with team servers and beacon servers.
While HOHE was intentionally built around totally freely available tools, HOHA is mostly built around Cobalt Strike (a commercial and red teaming oriented version of Armitage which we use in HOHE). Since Clarified Security team uses Cobalt Strike in red teaming for large-scale cyber exercises, mostly for client-side attacks, this training derives from these practical experiences and makes such training with red teaming twist available for wider audiences.
With HOHA course we build on our (pre-requisite) HOHE training and deliver 3 days of first-hand, pure hacking experience where a large „Network Takeover” scenario takes a center stage and teamworking mode sets in towards the end.
Taavi joined the team in April 2015 as a Web application pentester. His previous work experience consists mainly of Web Application development. He holds a M.Sc. degree in Cyber Security from Tallinn University of Technology. He wrote his masters thesis about improving User Simulation Team Workflow in the Context of Cyber Defense Exercise. Taavi is the main trainer of our Hands-on Hacking Essentials (HOHE) and Hands-on Hacking Advanced (HOHA) training.
During the 3 day hands-on training experience the participants should build upon HOHE training in understanding of current attacker tool-sets, attack types and methods. By experiencing the attacker mindset and point of view via hands-on exercises the participants not only will use Cobalt Strike and other tools from a red team member perspective and should understand what it takes in terms of individual skills to be a read team member with a taste of team-working as well.
Good Internet connection - at least 10Mbps download speed via a network cable (RJ45 connector) for connecting the classroom to the training server in Tallinn via our VPN device. VPN device just needs to get an IP address via DHCP and have outgoing IPSEC traffic enabled to our training environment IP addresses. The participants will be using only VNC and SSH clients to connect to Kali virtual machines in the training environment via this VPN connection, thus only good download speed is essential. All Internet access and network intensive activity and takes place within the training server.
Participants' computers - any computer or laptop with any Operating System will do, as long as VNC and SSH clients are installed. The customer is expected to provide the LAN (switch + cables + power jacks) that can be connected to our VPN device that supplies IP addresses via DHCP. In case of laptops, we can provide our own WiFi Access Point for creating a LAN. Minimum 1024x768 monitor resolution is recommended.
Video projector and large screen - so that also command line activity is also easy to follow from the back row.