Master Class
Hackers Demystified L1
Master Class
Hackers Demystified

Course overview

This course is aimed at advanced participants who already have a sound knowledge of cybersecurity and want to learn more about detecting, defending against and analyzing advanced threats. By delving into specialized techniques and attack vectors used by experienced attackers, this course provides an in-depth look at the security of modern IT infrastructures.

Target overview

This course is aimed at experienced system administrators, consultants and Hyper-V designers.


At least 3 years of experience with Windows servers and 3 years with Active Directory

Course objective

Web Application Attacks: Participants will learn how to detect and defend against web application attacks, including SQL injection, where attackers inject malicious SQL commands into input fields to manipulate or steal data. Cross-site scripting (XSS) is also covered, where users are attacked through scripts inserted into trusted websites. File inclusion vulnerabilities, which allow files to be injected into web applications to gain access to the server, are also discussed.

Course content

  • Kerberos Abuse: This section is dedicated to the abuse of the Kerberos authentication system, including techniques such as pass-the-ticket, Kerberoasting and AS-REP roasting. These advanced methods allow attackers to compromise otherwise well-secured networks.
  • Active Directory Enumeration and Exploitation: Here participants learn how to search and exploit Active Directory structures. This includes LDAP enumeration, DCSync attacks that allow user credentials to be replicated and delegation abuse to gain unauthorized access to the network.
  • Privilege Escalation: Participants will learn how to escalate privileges within a system or network to gain higher access rights. This is particularly necessary if initial access to a system is successful, but extended authorizations are required for further action. This includes techniques such as path interception, token manipulation and bypassing user account control (UAC).
  • Lateral Movement: This teaches how attackers move within a network by exploiting or extending existing access rights. The focus is on methods such as pass-the-hash, the use of remote services and credential dumping.
  • Evading Endpoint Protections: Finally, participants learn how attackers can circumvent common endpoint protection mechanisms. These include obfuscation (code obfuscation), living off the land (exploiting legitimate tools for malicious purposes) and fileless malware, which works without traditional files and is therefore harder to detect.

Training environment

The training is completely virtualized.

Each participant receives their own hardware server (!) with at least two NVME SSDs and at least 256 (!) GB RAM.

Each participant sets up their own environment with the trainer. New systems are set up in seconds (!) using the appropriate hardware.


Each participant has a dedicated server in a data center with a total of 1 Gbit connection to the Internet. Each participant server is equipped as follows:

  • 128 GB RAM
  • at least 20 vCores
  • 2 NVME SSDs with at least 3,000 MB/s write and at least 2,000 MB/s read speed
  • 1 Gbit to the Internet total bandwidth

Our trainers

We spent a long time looking for our two trainers and found them a few years ago. It’s rare to find trainers and consultants who are technically highly qualified, who also work as speakers and are very good trainers at the same time:

Sascha Schimmler is Offensive Application Security Lead DACH at a cyber security services company.

Hackers, as I understand it, are almost NEVER hackers. They are paid IT nomads who hardly have much knowledge of their tools.

Therefore: Let’s talk; about misunderstanding and understanding on current issues and much more.

His mission: to protect Europe’s fundamental values from cyber attacks.

Michael Oonk is a Senior Cyber Defense Engineer at an enterprise company in Germany.

His absolute top skills are red teaming, digital forensics, incident response and security consulting – all from the field….


Duration: 5 days

This post is also available in: German