Anatomy of an Attack
An introduction to the attacker’s mindset and a review of attacks on corporate information systems.
40 hours
Red Team
40 hours
Red Team


Contrary to popular belief, attacks are not the result of luck or trial-and-error attempts. Skilled attackers can quickly penetrate large, well-protected corporate networks. Their hacking capabilities lie in their familiarity with human behavioral patterns. Hackers frequently exploit lazy software development and off-the-shelf product definitions, and the dynamic nature of network systems.  
Attack and defense are essentially the same activity, just with disparate aims. While this may not sit well with veteran defense teams, this mindset has the power to reshape notions of defense and cyber defense. As part of this course, students will don their “attacker” caps to gain an insight into cybercriminals’ mindsets and methodologies, as well as an understanding of the circumstances that may delay or thwart attacks.

The course covers the following topics:


It’s important to improve the accordion’s behaviour

The Cyber Kill Chain
  • Information gathering
  • Passive vs. activeattacks
  • GHDB
  • DNS enumeration
  • Using Whois
  • Host discovery and port mapping
Vulnerability Assessments
  • What is vulnerability?
  • The vulnerability assessment procedure
  • Vulnerability Assessment Tools
Server-Side Attacks
  • Server-side attack vectors
  • What is RCE?
  • Brute-force attacks
  • MSF as an exploitation framework
Client-side Attacks
  • Client-side attack vectors
  • Phishing and spear-phishing attacks
  • Malicious documents and binary files
Web Application Hacking 101
  • Introduction to Web application hacking
  • The OWASP Top 10
  • Mapping the application
  • Using proxies
  • SQLi attacks
  • XSS: Stored and reflected
Windows Privilege Escalation
  • Windows permissions and tokens
  • Windows common PE vectors
Linux Privilege Escalations
  • Linux permissions
  • Linux common PE vectors
Lateral Movement
  • What is Lateral Movement?
  • Lateral Movement: Common techniques
  • Introduction to Kerberos attacks
Persistence and Backdooring
  • What is persistence and what is used for?
  • Backdooring vs. persistence


Don't touch this tab

SOTERIA Global is a global leader in cyber-security training solutions and services.

The cyber world is now a part of our everyday life. New technology emerges daily, and as opportunities increase, so do cyber risks. Threats constantly evolve, and we must protect our valuable assets.

A successful cyber defense has many factors, but they all have one thing in common: dedicated, skilled individuals.

SOTERIA Global experts develop our solutions and rely on the best technological assets in the market. Our impressive global presence expands over four continents, giving us access to the best cybersecurity professionals.

Our solutions range from customized training programs to developing cyber-oriented facilities, ensuring that individuals and organizations are ready to face real-world threats. Over the years, we have worked with various organizations across many sectors, giving us the skillset to shape and adapt our solutions to meet our client’s needs.

    • Individuals working in the information security sector
    • Knowledge of data communication
    • Avanced knowledge of Windows and Linux operating systems
    • Familiarity with MS-Domain
    • Understanding the attack vectors
    • Scanning for vulnerabilities
    • Using privilege escalations
    • The basics of web hacking
    • Post exploit techniques