CSX Advanced Exploitation Course

SELF-PACED, VIRTUAL COURSE

Build your technical skills with immersive, hands-on training in a live network environment.

6 months access

Cybersecurity Month Special – 10% off regular prices 1-31 October!

ISACA Member: $250

Non-Member: $400

Purchase Self-Paced Course

Cybersecurity Month Special – 10% off regular prices 1-31 October!

The CSX Advanced Exploitation Course provides students, who possess an in-depth understanding of penetration testing, a deeper understanding of traversing complex networks. Students will work with real systems in real environments and will leverage real exploitation and pivoting tools in a live environment. Upon completion, students will understand the how to successfully exploit and move through a number of hosts on a network.

COURSE STRUCTURE

The CSX Advanced Exploitation Course is conducted in an adaptive, performance-based cyber laboratory environment. Students will have hands-on instruction and practice in applying basic concepts and industry-leading methods and in utilizing a large array of open source tools within real-world scenarios.

INSTRUCTION TOPICS

  • Pivoting and Tunneling
  • SSH Tunneling
  • Metasploit PortProxy
  • Meterpreter Autoroute Implementation

COURSE LABS

  • SSH Tunnel Implementation
  • Multiple SSH Tunnel Exploitation Implementation
  • Metasploit PortProxy Implementation
  • Autoroute Implementation
  • Interesting Searches
  • Network Assessment

CSX Advanced Exploitation Course Outline

Pivoting and Tunneling

In this lesson, students will:

  • Learn about data redirection basics
  • Gain an understanding of different pivoting techniques

SSH Tunneling

In this lesson, students will:

  • Learn about SSH port forwarding
  • Pivot through an SSH tunnel
  • Exploit through an SSH tunnel
  • Pivot through multiple devices using SSH

SSH Tunnel Implementation

In this lab, students will:

  • Use Kali Linux to create SSH tunnels in order for a LAN machine to communicate with a DMZ server
  • Enumerate Services via an SSH tunnel
  • Exploit a device via an SSH tunnel

Multiple SSH Tunnel Exploitation Implementation

In this lab, students will:

  • Pivot through multiple devices using SSH tunnels
  • Enumerate services through multiple devices
  • Utilize Metasploit to exploit a remote system via multiple tunnels.

Metasploit PortProxy

In this lesson, students will:

  • Learn about the PortProxy Metasploit module
  • Interact with Meterpreter
  • Pivot through Windows hosts
  • Run exploits through PortProxy

Metasploit PortProxy Implementation

In this lab, students will:

  • Use PortProxy to establish multiple pivot points
  • Redirect port scans to a target machine
  • Establish a backdoor on the target machine via pivot points

Meterpreter Autoroute Implementation

In this lesson, students will:

  • Learn about Meterpreters AutoRoute function
  • Pivot using AutoRoute
  • Run exploits through AutoRoute

Autoroute Implementation

In this lab, students will:

  • Use metasploit to gain perimeter access
  • Use AutoRoute to pivot through network
  • Exploit through AutoRoute

Interesting Searches

Students will learn how to conduct packet analysis to identify the types of searches which devices are executing on their network.

Network Assessment

Based on what students have learned, thus far, they are challenged to enumerate and pivot through multiple devices and networks in order to capture a flag from the target machine.