Review: Ultimate Hacking: Black Hat Edition (Foundstone)
docrice
Member Posts: 1,706 ■■■■■■■■■■
http://www.blackhat.com/usa/training/courses/bh-us-12-training_fs-bhe.html
https://media.blackhat.com/Training_Videos/2011-USA/FoundStone/Foundstone-UltimateHacking.m4v
One of the classes I took at this year's Black Hat USA was the two-day course by Foundstone. This course is normally longer by a day or two but for Black Hat, Foundstone shortened their normal offering onto a condensed version with what I assume is some of the highlights of the longer variation.
While many "pentesting" classes these days are really geared for web app exploitation, Ultimate Hacking: Black Hat Edition was primarily focused on systems-level security with a traditional methodology using recon techniques, enumeration, gaining access, internal network pivoting, privilege escalation, and pillage.
I'd categorize this course as appropriate more for Windows and Unix sysadmins who haven't spent a lot of time focusing on security issues, or for the same crowd who wants to better understand why many convenient management services are potentially an open gateway to the innards of a corporate network. There's no coverage of SQL injection, XSS, etc..
The main reason I took this class is for review as I already knew some of the material going in (although there is still new stuff that I learned). Since it would be a long week for me at Black Hat 15 and DEF CON 20, I figured my second two-day course should be less intense than my first.
Many of the tools and methods used in class and the labs are not new. However, they are still fundamental and anyone doing a network audit should understand their use and the overall process. This class definitely satisfies this and was taught by the course author / lead instructor Mike McGilvray, although Chris Stark and Rob Bathurst also took part.
Unlike a lot of other classes I've taken in the past, Ultimate Hacking had all the equipment provided with the appropriate virtual machines and network environment.
The first day covered breaking into Windows domain networks and ended with a capture-the-flag lab. This was more of a self-guided workshop and if you got stuck, the lab book had the answers (or at least one possible solution) at the turn of a page. If you needed help, one of the instructors would point you in the right direction or drop some hints to get you thinking.
On the second day, the topics moved to the attack of Unix systems, finally ending with another capture-the-flag workshop, only this time it was breaking into a mixed Windows and Unix environment.
Both days covered security issues regarding XP / Server 2003, 2008, and different Unix variations. As one could expect, this is not a comprehensive course that looks at all attack vectors on all of these platforms. Rather, it looked at common tactics that attackers might use to enumerate, gain access, pivot around the internal network, and steal corporate secrets. Many of the tools used were not new to me, but the labs did go through some things that I learned in the past but forgot about or where I had textbook knowledge but had never applied hands-on. I also learned a few new things that I could (and definitely will) use during my next audit.
Hacking Exposed 6 was given to each student free as part of the class (although it wasn't used in class). However, as of this month, Hacking Exposed 7 has just come out. It had would been nice if we got the newer edition, but free is free.
Overall, the course was fun. In many ways, it was somewhat of a refresher for me, but I still picked up quite a bit and for Windows and Unix sysadmins who need a quick intro to enumeration and pivoting tactics, I think it's definitely one to consider. Ultimate Hacking: Black Hat Edition isn't necessarily an advanced penetration testing course, but as a quick introduction to tools such as Metasploit, Nessus, Nmap, using SQL Server for privilege escalation, doing SMB enumeration, password cracking, pivoting, and quietly cleaning up your footprints, this is a solid class for any admin to take in order to instill the right mindset and awareness ... something that still seems to be missing today in many places.
https://media.blackhat.com/Training_Videos/2011-USA/FoundStone/Foundstone-UltimateHacking.m4v
One of the classes I took at this year's Black Hat USA was the two-day course by Foundstone. This course is normally longer by a day or two but for Black Hat, Foundstone shortened their normal offering onto a condensed version with what I assume is some of the highlights of the longer variation.
While many "pentesting" classes these days are really geared for web app exploitation, Ultimate Hacking: Black Hat Edition was primarily focused on systems-level security with a traditional methodology using recon techniques, enumeration, gaining access, internal network pivoting, privilege escalation, and pillage.
I'd categorize this course as appropriate more for Windows and Unix sysadmins who haven't spent a lot of time focusing on security issues, or for the same crowd who wants to better understand why many convenient management services are potentially an open gateway to the innards of a corporate network. There's no coverage of SQL injection, XSS, etc..
The main reason I took this class is for review as I already knew some of the material going in (although there is still new stuff that I learned). Since it would be a long week for me at Black Hat 15 and DEF CON 20, I figured my second two-day course should be less intense than my first.
Many of the tools and methods used in class and the labs are not new. However, they are still fundamental and anyone doing a network audit should understand their use and the overall process. This class definitely satisfies this and was taught by the course author / lead instructor Mike McGilvray, although Chris Stark and Rob Bathurst also took part.
Unlike a lot of other classes I've taken in the past, Ultimate Hacking had all the equipment provided with the appropriate virtual machines and network environment.
The first day covered breaking into Windows domain networks and ended with a capture-the-flag lab. This was more of a self-guided workshop and if you got stuck, the lab book had the answers (or at least one possible solution) at the turn of a page. If you needed help, one of the instructors would point you in the right direction or drop some hints to get you thinking.
On the second day, the topics moved to the attack of Unix systems, finally ending with another capture-the-flag workshop, only this time it was breaking into a mixed Windows and Unix environment.
Both days covered security issues regarding XP / Server 2003, 2008, and different Unix variations. As one could expect, this is not a comprehensive course that looks at all attack vectors on all of these platforms. Rather, it looked at common tactics that attackers might use to enumerate, gain access, pivot around the internal network, and steal corporate secrets. Many of the tools used were not new to me, but the labs did go through some things that I learned in the past but forgot about or where I had textbook knowledge but had never applied hands-on. I also learned a few new things that I could (and definitely will) use during my next audit.
Hacking Exposed 6 was given to each student free as part of the class (although it wasn't used in class). However, as of this month, Hacking Exposed 7 has just come out. It had would been nice if we got the newer edition, but free is free.
Overall, the course was fun. In many ways, it was somewhat of a refresher for me, but I still picked up quite a bit and for Windows and Unix sysadmins who need a quick intro to enumeration and pivoting tactics, I think it's definitely one to consider. Ultimate Hacking: Black Hat Edition isn't necessarily an advanced penetration testing course, but as a quick introduction to tools such as Metasploit, Nessus, Nmap, using SQL Server for privilege escalation, doing SMB enumeration, password cracking, pivoting, and quietly cleaning up your footprints, this is a solid class for any admin to take in order to instill the right mindset and awareness ... something that still seems to be missing today in many places.
Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
Comments
-
JDMurray Admin Posts: 13,101 AdminSorry I missed you at DC20. There were a lot of people there I never bumped in to.
-
SephStorm Member Posts: 1,731 ■■■■■■■□□□thans for the review. have you taken any other foundstone courses?
-
docrice Member Posts: 1,706 ■■■■■■■■■■This was my first.Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/