Train in the Trenches

Our training is based on over two decades of security assessments and penetration testing. We offer Penetration Testing for Defenders and Hardening Windows Networks Training that will help individuals at every stage of their careers.

Penetration Testing for Defenders

The knowledge gained from this course provides valuable practical solutions to encourage organizations to become proactive in their cybersecurity posture, rather than reactive. You will learn proven methods to reduce overall risk, learn offensive security, and methodically test your network.

Through a series of hands-on labs inside a virtual network, instructors provide insight into attack methodologies, possible outcomes, and suggested mitigation steps. Registrants will learn to perform exploitation paths that simulate attacks performed by penetration testers every day.

Content Preview:

  • Wireless HID Device Attacks

  • Cross-Site Scripting

  • Hash Cracking

  • Hash Relay Attacks

  • Session Cookie Manipulation

  • Attacking WordPress

  • MFP Printer Attacks

  • Reverse Command Shells

  • Windows Privilege Escalation

  • Configuration Vulnerabilities

  • Process Injection

  • Maintaining Persistence

  • Linux Privilege Escalation

  • FreeNAS Privilege Escalation

Tools Used:

  • Metasploit Framework

  • Hashcat

  • Wifite

  • Dirb

  • BloodHound

  • Responder

  • mitm6

  • Impacket

  • Burp Suite

  • Microsoft PsTools

Training is 3 days, attended remotely through a browser-based platform, and registrants will earn 24 CPE credits.

Cost: $2,750.00 + applicable taxes

There are a limited number of seats available for each training session to maintain quality.

Hardening Windows Networks

The knowledge gained from this course provides valuable, practical solutions to encourage organizations to become proactive in their cybersecurity posture, rather than reactive. You will learn proven methods to reduce overall risk, increase actionable alerting, and design tolerant networks.

Through a series of hands-on labs inside a virtual network, registrants begin by performing exploitation and then implementing effective countermeasures to defend against these attacks, tools, and techniques. Registrants will learn to perform and validate remediation to ensure that exploitation is no longer possible.

Content Preview:

  • Common Exploitation Techniques

  • Windows Event Auditing

  • Active Directory Group Policies

  • Account & Password Security

  • Host Firewall Configuration

  • Software Restriction Policy

  • Proxy Server & Firewall

  • Log Monitoring and Alerting

  • SNORT Intrusion Detection

Final Lab:

Registrants will use their newly acquired skills and apply them to a test network that mirrors the main lab. This includes running automated attacks to test the implementation of:

  • Core hardening concepts for Windows hosts

  • Intrusion detection, logging, and alerting

Training is 4 days, attended remotely through a browser-based platform, and registrants will earn 32 CPE credits.

Cost: $3,275.00 + applicable taxes or $1,500.00 + applicable taxes (self-paced training)

There are a limited number of seats available for each training session to maintain quality.

Instructors

  • Director of Training

    With vast experience in penetration testing, security consulting, and systems administration, Ryan is responsible for leading and assisting in internal security assessments and penetration tests for public and private sector clients. He conducts technical research into threats and vulnerabilities, assessing risk, and recommending countermeasures. Ryan is also responsible for maintaining penetration testing/vulnerability assessment environments, continuously researching new tools/techniques, and updating testing methodologies. To educate Digital Boundary Group’s clients, Ryan prepares and delivers comprehensive reports explaining threat/risk findings and recommended action for stakeholders up to C-level, as they relate to business impact.

  • Senior Security Specialist (CISSP, OSCP, CISSO)

    With over eight years of experience in a security operations center overseeing incident response for clients, Matthew is responsible for developing training material for use in a cyber range for red, blue, and forensic team training purposes. He draws on his vast experience with various clients in government (federal/provincial/municipal), utilities, police services, financial/insurance, healthcare, education, professional services, retail, and manufacturing.

  • Senior Security Specialist (GSEC)

    With a background in programming and college-level teaching experience, James brings a unique perspective to network security concepts. Drawing on over 6 years leading external security assessments for organizations across public and private sectors, James is involved with developing and maintaining a modern testing methodology within his team. Focusing on understanding the concepts and inner workings of the tools utilized allows James to teach advanced concepts in an intuitive way.