Hacking Enterprises (2019 NG Edition)

Probe, Penetrate and Persist like a Pro with Hacking Enterprises: 2019 NG Edition

Enterprise Networks are sprawling, complex environments with a wide range of new and legacy products. Most pentesters have some form of lab to test out tools, but few have anything as expansive as In.Security’s Enterprise Network Labs.

The In.Security labs are living, breathing enterprise networks. Conduct real-world OSINT tasks against users, conduct live phishing exercises, enumerate, exploit and pivot to discover new networks and watch out for yourself as a threat in their Elastic lab.

In.Security’s updated course is at the Novotel London West, Hammersmith from the 2nd – 5th of December, 2019.

This 4-Day course not only teaches you everything you need to know about how to conduct OSINT, Phishing and lateral movement but also how to detect and defend against it, making it uniquely positioned both for red and blue teams.

Book Now

Hacking Enterprises

Who Should Take This Course

  • Penetration Testers about to take or retake exams.
  • SOC Analysts and Incident Responders
  • IT Staff charged with security responsibilities.
  • Pentesters looking to move to the Red team.

“A course that takes you to your limits, and pushes you beyond them”

Forget ./exploit. Hone your tradecraft, and take your skills to the next level.

This immersive, hands-on course is based around modern operating systems and modern techniques, with an emphasis on exploiting configuration weaknesses rather than running traditional exploits. This means logical thinking and creativity will definitely be put to the test. Students access a cloud-based lab configured with multiple networks, some easily accessible, others not so. Course material and exercise content reflects real-world challenges. Expect hands-on exercises including using OSINT, host/service enumeration and exploitation as well as phishing attacks against our live in-lab users’. Learn new skills in post exploitation, network reconnaissance, lateral movement and data exfiltration. During training you’ll have access to an in-lab ElasticSearch instance with access to logs from all targets. This enables you, as an attacker, as a blue teamer, to understand the artefacts your attacks leave, showing how you might catch, or be caught in the real word.

As well as the course, you’ll receive an exclusive invite to 44CON’s quarterly 44CONnect events over the next 12 months. At your first 44CONnect, dinner’s on us.

What You’ll Learn

  • Basic and Advanced techniques
  • Each technique’s strengths and weaknesses
  • Creating effective phishing campaigns using bespoke payloads
  • Pivoting, routing and lateral movement tricks
  • Establishing persistence and OOB exfiltration
  • Using defensive monitoring to identify activities

Book Now

Course Outline

Day 1 – First Steps

  • An introduction into monitoring and alerting using our in-lab ELK stack
  • Leveraging OSINT activities
  • Lunch
  • Enumerating and targeting IPv4 and IPv6 hosts
  • Linux enumeration (remote and local targets)
  • Living off the land tricks and techniques in Linux

Day 2 – Gone Phishing

  • Linux shells, post exploitation and privilege escalation
  • P@ssw0rd cracking (*nix specifics)
  • Lunch
  • Creating and executing Phishing campaigns against our simulated enterprise users
  • Living off the land tricks and techniques in Windows

Day 3 – All Technique

  • P@ssw0rd cracking (Windows specifics)
  • Windows enumeration (remote and local targets)
  • Lunch
  • Windows exploitation and privilege escalation techniques
  • Windows Defender/AMSI and UAC bypasses
  • Enumerating and extracting LAPS secrets
  • RDP hijacking
  • Situational awareness and further enumeration of other subnets

Day 4 – Pivots & More

  • Lateral movement and pivoting, routing, tunnelling and SOCKS proxies
  • Application enumeration and exploitation via pivots
  • Lunch
  • Leveraging domain trusts
  • Gaining persistence using Scheduled Tasks and WMI Event Subscriptions
  • Data exfiltration over OOB channels (ICMP and DNS)
  • Domain Fronting and C2

What To Bring

  • A Laptop capable of connecting to the Internet over WiFi
  • VNC, SSH and OpenVPN clients
  • The course is mostly cloud based and labs are accessed remotely.

What Students Are Provided With

  • Hard Copy of the Red Team Field Manual (RTFM)
  • Hak5 LAN Turtle!
  • 14 Days additional lab access
  • 14 Day access to Slack-based support channel
  • 14 Day access to a CTF with extra subnets/hosts!

4 Days of Training at a Premium London Venue.
Book Now at only £2600 Inc. VAT!

Book Now!

4 Reasons Why You’ll Want To Train With 44CON



Focus on learning with our spacious, air-conditioned rooms. The comfort doesn’t stop there, with incredible food at lunch and in breaks.

Serious Savings

Save over 50% with us compared to the same courses at other events in London. Get the Vegas experience without the cost.



Get exclusive invites to 44CONnect – our quarterly event with talks and more. Invites run for 12 months after your last course.


44CON Discounts

You’ll receive an exclusive £50 discount code for standard tickets to the next main 44CON event: the UK’s best security conference.

Meet The Trainers: Will Hunt and Owen Shearing

Will (@Stealthsploit) is a cyber security consultant who has worked in IT security for over 10 years. He co-founded in.security Ltd., a specialist cyber security company delivering high-end consultancy and training services. He’s delivered hacking courses at Black Hat USA/EU, NolaCon, 44CON and others, and has spoken at various conferences and events. Will also assists the UK government in various technical, educational and advisory capacities. Before Will was a security consultant he was an experienced digital forensics consultant and trainer. He runs the blog https://stealthsploit.com.

Owen (@rebootuser) is a co-founder of in.security Ltd., a specialist cyber security consultancy offering technical and training services based in the UK. He is a CREST CCT level security consultant with a strong background in networking and IT infrastructure and has over a decade of experience in technical security roles. Owen has provided technical training to a variety of audiences at bespoke events and various conferences. He runs the blog https://rebootuser.com and keeps projects at https://github.com/rebootuser.

Book Now For December!

44CON December Bonus: Hootenanny Tickets Included!


The 44CONnect Hootenanny is an end-of-year one day event on the 6th of December.

The Hootenanny has a single talk track, a workshop track and an escape room track. We’ll have workshops from our trainers so you can get a taste of their courses, and a bunch of invited talks at the level of quality you’ve come to expect from a full 44CON. The event is fully catered, of course.

All December training attendees automatically receive a Hootenanny ticket as part of their booking. Those who’ve attended training at any time in 2019 can join our wait list. Tickets will be issued to the wait list two weeks before the Hootenanny event.

Book Now

Watch Will and Owen’s Talks

Hashes, hashes everywhere, but all I see is plaintext

Will looks at interesting ways to more efficiently crack passwords, starting with the basics before moving on to advanced techniques. 

Using non-deterministic techniques Will goes beyond dictionaries and conventional rules before discussing attacks against passwords containing non-ASCII characters.

IPv6 For Pentesters

Owen walks through practical tips and tricks for pentesters when facing IPv6, even when IPv6 isn’t configured.

IPv6 runs locally by default on a lot of Operating Systems. Learning a little IPv6 might have a big impact on your next Enterprise network penetration test.


Stay In Touch

Like the NSA, our newsletter will be in your inbox every Tuesday. Unlike the NSA, you can unsubscribe at any time.