Offensive Methodology & Analysis (OMA)

Please call for additional class dates.

 

Learn to Exploit and Expand Access into Remote Networks Using Open Source Tools.

 

  • Use client-side exploits against web browsers
  • Deploy and control a botnet
  • Learn how to tunnel and pivot deep into a network

 

OMA teaches the essentials of remote network exploitation by demonstrating offensive methodologies in a coherent framework. In this two-week class, you’ll learn how to analyze remote networks, understand what the domain controller does, learn how to find credentials, expand access across a network, and much more!

oma_methodology

 

OMA provides an in-depth look at the essentials of remote network exploitation, from scanning and enumeration of a network space down to performing client-side attacks, which are quickly becoming the most reliable vector into target networks.This course is for people who love network and computer security, programmers, and people who are responsible for protecting their organizations’ networks from threats.

Before enrolling in OMA, we recommend attendees have familiarity in the following areas:

      • Basic – Intermediate networking concepts
      • Windows and Linux OS and Command Line
      • Wireshark / TCP Dump
      • Kali-Linux Suite
      • Malware, Viruses and Worms
      • Using open source tools to conduct research

However, many students have successfully completed the course by complementing deficiencies with a willingness to learn.

NOTE: In this class you will use real exploits against simulated targets. For example, you will perform spear-phishing attacks against email addresses found in your scenario. Our remote target computers will check their email and open your exploit attachments and links. All exploits are performed in a realistic network with routing, public IP addresses and domain names. But don’t worry! Our network is safely sandboxed to prevent any accidents. Parrot Labs Cyber Mission Training provides a persistent and secure training environment where you can learn and practice new skills without worry.
Download Course Sheet

Topics

INFORMATION GATHERING

The course begins with an overview of the Offensive Methodology and  Information Gathering using open source tools.

SCANNING & ENUMERATION

The first steps include scanning networks and servers using nmap, analyzing network packets (at a low level), and using simple Python scripts to scan and enumerating remote web browsers.

GAINING ACCESS

Using the Metasploit Framework (MSF) and SOCKS proxy tunnels, accessing the network is the next step. You’ll then perform manual Cross Site Scripting (XSS) and SQL Injection to compile and deploy actual malware in order to set up a small botnet.

EXPANDING ACCESS

Once you’ve successfully entered the network, you’ll explore the Windows Registry, Offensive Digital Forensics, and Windows Active Directory queries. After gaining access to the system, you’ll search for files of interest, learn to crack passwords, and use the pass-the-hash technique to maneuver around a remote Windows network.

SUSTAINING ACCESS

In the final phase, you’ll review routing and network infrastructures, analyze antivirus evasion techniques, steal credentials to gain access to routers and crack Cisco passwords.

CAPSTONE

The course concludes with a full-day capstone that combines the skills learned throughout the course.

Cost

OMA (Single Seat)

$7500/each

      • Included: Parrot Labs OMA Textbook
      • Course length: 10 Days

Sign up

Additional group and government discounts available, just email us.

 

What will you get out of this course?

This course consists of extensive hands-on labs that allow you to gain proficiency in offensive methodologies and analysis. Upon leaving this course, you will be able to apply these techniques, tactics and procedures (TTPs) to your current cyber role.

What makes this course unique?

You’ll perform your exercises and scenarios in a sandboxed network, allowing you to practice and learn at your own pace without affecting other students.