This training aims to provide hands-on knowledge which can be directly applied against locked down environments in the field. The breakout portion covered fundamental techniques to circumvent applications deployed through Terminal Services and Citrix or environments locked down through the use of Software Restriction Policies (SRPs), Applocker and Group Policy. The privilege escalation portion will show how to take advantage of security fails, configuration issues and weak permissions. The focus of this portion is on manual identification, analysis and exploitation. Automated tools can assist in this process; however a solid understanding of the various types of vulnerabilities is essential when attacking real-world systems. The requisite techniques for this course will be demonstrated on a modern 64-bit Windows 10 Enterprise platform.
BruCON Spring Training
Jason Cook and Francesco Mifsud will deliver a training course - 'Windows Breakout and Privilege Escalation'
Apr
19
2017
19 Apr 2017 - 21 Apr 2017