Hack Yourself First: Penetration Testing for IT Pros: June 7th, 2023

Hack Yourself First: Penetration Testing for IT Pros: June 7th, 2023



Please join us for our Penetration Testing for IT Pros class

in Des Moines, Iowa on Wednesday, June 7th, 2023!

Find your weaknesses before the hackers do! In order to effectively defend your IT infrastructure, you need to explore your network in the same way as hackers. This practical, hands-on class will teach you to do just that: pentest your own network. Along the way, we’ll cover detailed remediation tips, and test out various techniques for stopping attackers and ensuring that your changes work.

We’ll start by hacking from the outside. Learn how attackers gain an initial foothold in your environment. We’ll practice identifying the attack surface, conducting OSINT, scanning for vulnerabilities, and using passive reconnaissance tools. Next, we’ll dive into actual exploitation and persistence. In our first lab, students will abuse a VPN by brute-forcing an IKE shared secret using usernames found through OSINT & password spray.

In the next phase, students will learn to conduct internal penetration tests. Once a hacker has a foothold in your environment, they will work to move laterally and expand access. Practice hacking your own environment, starting with unprivileged access to a simple workstation. We’ll show you how hackers target active directory, poison traffic, redirect key services such as LDAP, gain access to sensitive file shares, and more.

During the second lab, students will exploit a Log4j vulnerability found through internal scanning. Students will also poison traffic and capture NTLMv2 hashes to crack offline. We will use Responder in conjunction with NTLMRelayX to relay authentication to actual servers and gain access to other services. Ultimately, we will gain low-level account access and use it to explore the network environment.

In our third module, students take it to the next level by escalating to an administrator account. We will practice techniques for privilege escalation, pass-the-hash attacks, certificate abuse, Golden and Silver Ticket Attacks, Kerberoasting, and more. In our third lab, students will use Bloodhound to identify paths for escalating to higher-value targets and abuse certificate authority authorization (CAA) templates in order to impersonate higher-privileged users. In addition, students will practice using pass-the-hash to gain access to other servers on the network. Once we have access to one server, we’ll show how we can spread laterally throughout the environment, ultimately executing a full network takeover.

Time and time again, we see hackers pivoting from on-prem environments into the cloud. In this module, students will learn how hackers break into the cloud, either by directly targeting cloud resources or by leveraging a hacked on-prem deployment. We will include practical examples from Microsoft 365, Azure, AWS and more. In our final lab, students will hack into a cloud environment using server-side request forgery to gain credentials. Next, students will leverage these credentials to audit access to the entire tenant and identify additional weaknesses. Ultimately, students will expand access to take over related cloud-based resources.

Once you’ve hacked yourself, it’s time to fix the problems! Throughout class, you’ll learn to implement various corrective actions. Then, you’ll have opportunities to retest and determine whether your fixes were successful.

The most effective IT defenders have offensive experience. Learn to hack your own network—and fix the issues—in this practical penetration testing class for IT professionals.



9am CT – 5pm CT on Wednesday, June 7th, 2023, with 2 days worth of labs post-class



Des Moines, Iowa



$850 Early Bird Registration ends April 28th, 2023

$950 Regular Registration ends May 24th, 2023


Tom Pohl
Penetration Testing Team Manager & Senior Cybersecurity Consultant
LMG Security

Tom is a seasoned hacker and the winner of many hacking competitions including Wild West Hackin’ Fest, Circle City Con, THOTCON, BsidesLV, and DEFCON. Tom leverages his wealth of experience to support LMG Security’s customers as the Penetration Testing Team Manager and a Senior Cybersecurity Consultant. Prior to working for LMG, Tom was the head of software architecture at Businessolver for nearly 20 years.

Matt Durrin
Director of Training and Response
LMG Security

Matt Durrin is the Director of Training and Research at LMG Security and a Senior Consultant with the organization. He is an instructor at the international Black Hat USA conference, where he has taught classes on ransomware and data breaches. Matt has conducted cybersecurity seminars, tabletop exercises and classes for thousands of attendees in all sectors, including banking, retail, healthcare, government, and more. He is also the co-author of a new book, Ransomware and Cyber Extortion: Response and PreventionA seasoned cybersecurity and IT professional, Matt specializes in ransomware response and research, as well as deployment of proactive cybersecurity solutions. Matt holds a bachelor’s degree in computer science from the University of Montana, and his malware research has been featured on NBC Nightly News.