Search

TRAININGS

Hacking and Hardening of Windows Infrastructures

This three-day training covers the security of Windows infrastructures as they are typically operated in corporate networks today. The focus will be on the two Microsoft directory services Active Directory and Entra ID.

Training Content

First, our experienced trainers will talk about the basics of how these directory services work (e.g., protocol basics). Then, selected attack vectors will be discussed, demonstrated or practically abused by the participants in hands-on exercises. In doing so, the participants are also going to learn how to use open-source hacking tools, with the aim of finding vulnerabilities in their own infrastructure in order to fix them.

During the training, we will discuss typical threat scenarios in Active Directory infrastructures. You will find out how implementing the Microsoft tier model (aka enterprise access model), which serves as a basis for a concept for secure infrastructure administration, allows you to significantly reduce the existing attack surface.

These days, more and more organizations are moving increasingly larger parts of their IT infrastructure or processes into the Microsoft cloud. This results in an increased spreading of Microsoft’s cloud-based Azure Active Directory – especially in hybrid scenarios, i.e. in combination with Active Directory. We therefore present Entra ID and the way it works and take a look at the different possibilities to operate these two directory services together. Moreover, we will discuss how to secure and administrate Entra ID.

Our training environment enables you to get to know relevant configuration settings and how to handle selected tools. We use common, freely available hacker tools to demonstrate the effects of individual hardening measures and features. 

The training is comprised of the following areas:

  • Introduction
    • Basics of Active Directory
    • PingCastle tool
    • BloodHound tool
  • Protocols and trusts
    •  NTLM
    •  Kerberos
    • Trusts
  •  Attacks
    • MITRE ATT&CK
    • Attack vectors of Windows infrastructures
    • Domain compromise
    • War stories
  • Securing access
    • Tier model
    • PAW
    • PAM
  • Azure / Entra ID
    • Basics
    • Introduction to cloud computing
    • Attacks against Entra ID
    • Securing Entra ID

Target group:
Administrators, SOC members, blue team or red team members and (project) managers responsible for Windows administration.

Requirement:
The participants should have solid administration experience in the Windows environment. Basic experience in the administration of Active Directory and Entra ID as well as knowledge about common attacking tools and vectors are an advantage if you want to have the biggest training effect.

The following resources can be used in the run-up to the training in order to familiarize yourself with typical attacking techniques:

https://www.thehacker.recipes (“Active Directory” section)

https://www.ired.team (“Active Directory & Kerberos Abuse” and “Credential Access & Dumping” sections)

The exercises require the use of command-line tools such as PowerShell and of common administrative tools from the Active Directory environment. Where necessary, our trainers are happy to assist with the use of attacking tools and Microsoft tools. The exercises are set up in multiple levels, which means that, on the one hand, even experienced Windows administrators will still be challenged, while it is on the other hand made possible for beginners to reproduce the solution of each exercise using the sample solutions that are being provided.

Price:
€ 2,400

The training is conducted in German by two experienced trainers. They work as consultants and can thus complement the course with comprehensive and recent practical experience. You will receive CPE Points for participating in the Hardening and Secure Configuration training. The training takes 24 hours. You will get a certificate after having completed the training.
This training will be held in German.

Dates:
May 6-8, 2025 in Cologne
October 7-9, 2025 in Ludwigsburg
December 2-4, 2025 in München

Place:
The training course will take place in fine, specially selected hotels:

We will gladly reserve a room for you at a special rate in the hotel where the training course takes place.

We may also gladly offer you the course in form of an in-house training.

Online registration

Your Trainers

Hagen Molzer

Managing Consultant

Constantin Wenz

Senior Consultant

Duration

3 days

Dates

May 6-8, 2025 in Cologne
October 7-9, 2025 in Ludwigsburg
December 2-4, 2025 in München

Price

€ 2,400

Early booking discount

If you register 8 weeks prior to the start of the training, you will receive an early booking discount of 5%.

Your Contact Person

Search
Search