Hands-On Hacking Advanced (HOHA)

Training duration: 3 days of pure hacking and feeling “1337” (24 ac h)

Group size: 10 participants maximum

Target audience: System administrators, information security specialists and -managers and any other IT personnel that is not afraid of the shell or command prompt

Pre-requisites: Prior HOHE participation is required to take this course to ensure minimum same level of skill-set.

The training is held by our partner Clarified Security.

Contents of the training

Hands-on Hacking Advanced (HOHA) is a follow-up to our Hands-on Hacking Essentials (HOHE) training. While HOHE is an eye-opening “shock therapy” training mostly for defenders, HOHA introduces more of the attacker and red teaming perspective. While the training still focuses mostly on the individual skills of participants, we will introduce red team team-working mode towards the end of the training with team servers and beacon servers.

While HOHE was intentionally built around totally freely available tools, HOHA is mostly built around Cobalt Strike (a commercial and red teaming oriented version of Armitage which we use in HOHE). Since Clarified Security team uses Cobalt Strike in red teaming for large-scale cyber exercises, mostly for client-side attacks, this training derives from these practical experiences and makes such training with red teaming twist available for wider audiences.

With HOHA course we build on our (pre-requisite) HOHE training and deliver 3 days of first-hand, pure hacking experience where a large „Network Takeover” scenario takes a center stage and teamworking mode sets in towards the end.

Training objectives

During the 3 day hands-on training experience the participants should build upon HOHE training in understanding of current attacker tool-sets, attack types and methods. By experiencing the attacker mindset and point of view via hands-on exercises the participants not only will use Cobalt Strike and other tools from a red team member perspective and should understand what it takes in terms of individual skills to be a read team member with a taste of team-working as well.

Technical requirements for the training

You will need to bring your own laptop.

Be sure to bring your laptop, charger and, if necessary, other things necessary (mouse, etc.). The laptop must have a network cable slot or the ability to connect to a Wi-Fi network and a screen resolution of at least 1920 x 1080. All operating systems are suitable, the main thing is to have a remote desktop client. All training activities take place in our training environment. If you want to install a remote desktop client on your computer in advance, our recommendations are:

• Linux: Remmina, rdesktop
• macOS: Microsoft Remote Desktop client (Available in Mac App Stores)
• Windows: Windows 10 built-in