Advanced Infrastructure Hacking

This is our 5-day Advanced-level infrastructure hacking course.

Our Advanced Infrastructure Hacking course is designed for those who wish to push their knowledge. Whether you are Pen Testing, Red Teaming or trying to get a better understanding of managing vulnerabilities in your environment, understanding advanced hacking techniques is critical.

This course teaches the audience a wealth of advanced Pen Testing techniques, from the neat, to the new, to the ridiculous, to compromise modern Operating Systems, networking devices and Cloud environments. From hacking Domain Controllers to local root, to VLAN Hopping, to VoIP Hacking, to compromising Cloud account keys, we have got everything covered.

2023 Edition

Fast track available

5 day practical class

Available by Partners

Live, online available

Hack-Lab for 30 days


Course Overview

The course teaches you a wealth of advanced Pen Testing techniques, from the neat and the new, to the ridiculous. You will learn how to compromise modern Operating Systems, networking devices and Cloud environments. From hacking Domain Controllers to local root, from VLAN Hopping and VoIP Hacking to compromising Cloud account keys, we have got everything covered.



1. Our courses are available directly from us; through our training partners or at worldwide technical conferences.

2. You can find course dates and prices on the Courses and Webinars page. Click here for course dates, prices and content

3. Take a look below at a few of the upcoming courses for this specific training.

4. For more information including private course requests, complete the short form below.

Courses and webinars

Booking enquiries

Select the course from the Courses and Webinars Page.

Click here for course dates and prices

For private course delivery enquiries or other information, please use the form alongside.

The course is also available from our partners listed below.

QA training

For security and IT decision makers

What’s the real impact of training your team through NotSoSecure?

Harden your organisation’s infrastructure and make it a less attractive target for attackers by building a team that can identify, test, and recommend remediations for vulnerabilities and misconfigurations throughout your environments. Trained delegates can:

  • Perform security testing that uses complex attack chaining across Windows (local), Active Directory, Linux, and common cloud environments.
  • Design this testing around real-world attacker behaviour and tooling to ensure its relevance to the threats facing your organisation.
  • Identify misconfigurations from network level to system level.
  • Understand the business impact of misconfigurations and vulnerabilities and articulate this to key stakeholders.
  • Implement logging and monitoring processes to detect live attacks.
  • Take on greater responsibility in the team and become an advocate of security in the wider business.

Course Details

You will be able to:

  • Enumerate, investigate, target and exploit weaknesses in an organisation’s network devices, online presence, and people.
  • Understand complex vulnerabilities and chained exploitation processes in order to gain access and perform restriction bypasses, privilege escalation, data exfiltration and gain long term persistence in: Web facing services, databases, Windows, Active Directory, *nix, container-based, VPN, VLAN, VoIP and Cloud environments.
  • Use compromised devices to pivot onto other private networks and/or access services protected by whitelisting or only accessible via the loopback interface.

You will receive:

Access to our Hack-Lab is not just for your work during the course, you will have access for 30 days after the course too. This gives you plenty of time to practice the concepts taught during the course. The Hack-Lab contains a wide variety of challenges from local privilege escalation to VLAN hopping etc. Numerous scripts and tools will also be provided during the course, along with Delegate handouts.

What you can take away from the course:

If you are looking to develop your hacking skills further, either for working as a pen tester, or you need to understand how hackers work so that you are better able to defend against it, then this course is for you. In addition to increasing your knowledge and confidence, it provides excellent preparation for the advanced hacking examinations. By utilizing the Hack-Lab following the Advanced Infrastructure Hacking course you are provided with time to test and hone your skills and your understanding of the tools and applications used throughout the course. You can take these away for working with on a day to day basis. There are guides, walkthroughs and examples for you to use as follow-up so that you can translate these modules into practical values within your business.

Details of the course content:


  • Advanced topics in network scanning
  • Understanding & exploiting IPv6 Targets
  • Advanced OSINT Data gathering


  • Exploiting DVCS (git)
  • Owning Continuous Integration (CI) servers
  • Deserialization Attacks (Java, Python, Node, PHP)


  • Mysql
  • Postgres
  • Oracle
  • MongoDB


  • Windows Enumeration and Configuration Issues
  • Windows Desktop ‘Breakout’ and AppLocker Bypass Techniques (Win 10)
  • Local Privilege Escalation
  • A/V & AMSI Bypass techniques
  • Offensive PowerShell Tools and Techniques
  • Post Exploitation Tips, Tools and Methodology


  • Active Directory Delegation Reviews and Pwnage (Win 2016 server)
  • Pass the Hash/Ticket Pivoting and WinRM Certificates
  • Cross Domain and Forest attacks
  • Pivoting, Port Forwarding and Lateral Movement Techniques
  • Persistence and backdooring techniques (Golden Ticket, DCSync, LOLBAS)
  • Command and Control (C2) Frameworks


  • Linux Vulnerabilities and Configuration Issues
  • Treasure hunting via enumeration
  • File Share/SSH Hacks
  • X11 Vulnerabilities
  • Restricted Shells Breakouts
  • Breaking Hardened Web Servers
  • Local Privilege Escalation
  • MongoDB exploitation
  • TTY hacks, Pivoting
  • Gaining root via misconfigurations
  • Kernel Exploitation
  • Post Exploitation and credentials harvesting


  • Breaking and Abusing Docker
  • Exploiting Kubernetes Vulnerabilities
  • Breaking out of kubernetes containers


  • AWS/Azure/GCP specific attacks
  • Storage Misconfigurations
  • Credentials, API’s and token Abuse
  • IaaS, PaaS, SaaS, CaaS and Serverless exploitation
  • Azure AD attacks


  • Exploiting Insecure VPN Configuration


  • VLAN Concepts
  • VLAN Hopping Attacks


Who Should Take This Class?

System Administrators, SOC Analysts, Penetration Testers, Network Engineers, security enthusiasts and if you want to take your skills to next level.

While prior pen testing experience is not a strict requirement, familiarity with both Linux and Windows command line syntax will be greatly beneficial and a reasonable technical understanding of computers and networking in general is assumed. Some hands-on experience with tools commonly used by hackers, such as Nmap, NetCat, or Metasploit, will also be beneficial, although if you are a less advanced user, you can work your way up during the 30 days of complimentary lab access provided as part of the course.

The course is ideal if you are preparing for CREST CCT (ICE), CHECK (CTL), TIGER SST or other similar industry certifications, as well as if you perform Penetration Testing on infrastructure as a day job and wish to add to your existing skill set.

You will need:

The only requirement for this course is that you must bring your own laptop and have admin/root access on it. During the course, we will give you VPN access to our state-of-art Hack-lab which is hosted in our data-center in the UK. Once you are connected to the lab, you will find all the relevant tools/VMs there. We also provide a dedicated Kali VM to each attendee on the Hack-Lab, accessed using SSH. So, you don’t need to bring any VMs with you. All you need is admin access to install the VPN client and once connected, you are good to go!

As a delegate, you may optionally come prepared with an OpenVPN client (e.g. OpenVPN Client for Windows, we suggest Tunnelblick for Mac, the OpenVPN client is often included natively for Linux but may need installing/updating) and an SSH client (e.g. PuTTY for Windows, generally included natively for Linux/Mac) installed.

It is recommended that you complete one of the following courses before taking this course:

The Art of Hacking

Infrastructure Hacking

Advanced Infrastructure Hacking

Course Information

You can download a copy of the course information below.

In addition you will also be provided with a student pack, handouts and cheat-sheets if appropriate.

2 Days Course
5 Days Course

Your Training Roadmap

Offensive Classes

Hacking training for all levels: new to advanced. Ideal for those preparing for certifications such as CREST CCT (ICE), CREST CCT (ACE), CHECK (CTL), TIGER SST as well as infrastructure / web application penetration testers wishing to add to their existing skill set.

Defensive Classes

Giving you the skills needed to get ahead and secure your business by design. We specialise in application security (both secure coding and building security testing into your software development lifecycle) and cloud security. Build security capability into your teams enabling you to move fast and stay secure.


Very impressed with the lab environment. Course is packed with Information and exciting challenges. Excellent Content and in-depth presentation. Loved the practice timing and walk-through. The extended lab access is helpful to practice after the class."

Delegate, Black Hat USA

This course was exactly as described. It delivered good, solid information on the current state of infrastructure hacking at the rapid pace promised. This was a great way to get back into this area after years away from it."

Delegate, Black Hat USA

Very excellent course, highly recommend even for those new to Pen Testing! Great work & Effort."

Delegate, Black Hat USA

Compressing 4 days of material is very hard to do. I have to say that this class did it well. My brain hurts, not because the class was bad but because it was very, very good. The instructor was well versed in the subject and the assistance was effective. I really appreciate the "recap" after every section. Top notch. The course was exactly as described."

Delegate, Black Hat USA

It provided me with the latest Information Security research & development."

Delegate, Black Hat USA

Took this course as the 4-day was full, and was prepared for a fast-paced nightmare! On the contrary this course was well planned for the timescales. Happy with the solution."

Delegate, Black Hat USA