LabLab Platform
CYSEC

Cybersecurity Workshop

Product information

In a world increasingly shaped by digital threats, IT administrators, security officers, and SOC analysts face the challenge of dealing with limited security budgets, a shortage of skilled professionals, and the need to implement stringent security standards.
Our workshop provides not only guidance but also practical solutions to cope with these complex challenges.
  • Do you understand the current attack techniques?
  • Shortage of budget in the security sector?
  • Lack of qualified personnel?
  • Cybersecurity beyond compliance. Don't get lost in the security jungle!
We focus on equipping you with the skills to defend against the ever-changing cyber threats. By acquiring effective defense strategies that go beyond standardized compliance checklists, you will be empowered to act proactively.
Our workshop covers specific attack techniques for Linux and Windows, authentication processes, web and cloud security, ransomware defense, and protecting critical infrastructures. In our specialized lab, which emulates a corporate network, you will have the opportunity to test operational methods and tools from an attacker's perspective.
Participants of this seminar will be able to make more meaningful decisions in their daily tasks for the efficient and sustainable improvement of IT security.
It is particularly important to us to provide new impetus for the creation of sustainable defense concepts through lab case studies, theoretical content, and joint discussions.
Select a format

Depending on the chosen format, there is more time for exercises and questions. We offer online webinars as well as on-site workshops at your location. If you book at least 30 days in advance, you can take advantage of our early bird discount.

Online Workshop

4 Tage, online Webinar mit Lab

2390 € / per person

2000 € early bird 🚀

Vor-Ort Workshop

4 Tage, mit Lab, vor Ort, + Reisekosten

2500 € / per person

2100 € early bird 🚀

Custom request
  • What is Hacking?
  • What is IT Security?
  • Attacker types, motivation, and tactics ✨
  • Common definitions and metrics
  • MITRE ATT&CK®
  • Password Spraying
  • MFA Bypass
  • M365 Hacking
  • EDR Bypasses
  • Types of Social Engineering
  • Examples from pentests and current campaigns ✨
  • Recognizing and preventing phishing
  • Email attacks
  • Browser attacks
  • Peripheral device attacks
  • Exploit vs. Social Engineering
  • Physical attacks
  • Introduction to the attack chain ✨
  • Footprinting, Discovery
  • Enumeration, Port Scanning
  • Password storage
  • Hashing methods
  • Online / Offline Bruteforcing
  • Advantages and disadvantages of password policies
  • Shells
  • Classification and evaluation of vulnerabilities
  • Command Injections
  • Introduction to Metasploit
  • Linux Basics
  • Linux Exploitation
  • Lateral Movement and Pivoting ✨
  • Post Exploitation
  • Case studies
  • Windows Basics
  • Active Directory Basics
  • IPS Evasion
  • Pivoting
  • Memory Corruptions, Exploit Mitigations
  • Proxy Whitelisting Evasion
  • Pass the Hash (PTH), Pass the Ticket (PTT)
  • Kerberoasting
  • Native Malware, PowerShell Malware, .NET Malware A/V Evasion ✨
  • Spoofing attacks
  • Exfiltration and C+C
  • Client Side Exploitation
  • Mimikatz, Impersonation
  • Volatility, Sysinternals Tools
  • Post Exploitation Overview
  • AD Persistence (Golden Tickets, Silver Tickets)
  • Advanced Post Exploitation
  • Native and Meterpreter commands for Post Exploitation
  • Living-off-the-Land attacks ✨
  • Fileless Malware
  • Lateral Movemenent (RDP, WMI, WinRM, DCOM RPC)
  • Windows hardening
  • Keylogging
  • Introduction to the concept of Defense-in-Depth
  • The Kill Chain and MITRE ATT&CK® Matrix ✨
  • Basic Network Defense
  • Basics of ISMS
  • Advanced Network Defense
  • Threat Modeling and Protecting Crown Jewels
  • Building and operating Security Operations Centers
  • Incident Response Policies
  • Threat Intelligence
  • Introduction to web applications, services, and http
  • OWASP TOP 10
  • Mapping a website
  • Working with Intercepting Proxies
  • Working with Browser Developer Tools
  • Server-side web vulnerabilities (SSRF, Command Injections, Deserialization, SQLi, File Inclusion) ✨
  • Browser-supported web vulnerabilities (XSS, XSRF, etc)
  • Vulnerabilities in web services
  • Introduction to Ransomware
  • Backup Strategies
  • Recovery Strategies
  • To Pay or Not to Pay?
  • Decryption Considerations
  • Preventing Double-Extortion Attacks
  • Lessons Learned
  • Introduction to Wireshark and Scapy ✨
  • Various types of MiTM attacks
  • Sniffing and Injection
  • Switching Security
  • Microsegmentation
  • Main threats to Wifi Security
  • Attacks on the TCP/IP Stack
  • TCP, UDP, IPv4/ IPv6 Threats
  • Network Access Control
  • Encryption Basics
  • Various Crypto Suites
  • Public Key Infrastructures
  • Crypto Hardening
  • Practical Use of Cryptography
  • Introduction to TLS/SSL
  • TLS/SSL Attacks and Defense ✨
  • Disk Encryption
  • Types of Denial-of-Service
  • Motives of Attackers
  • Memory-Corruption-DoS
  • Focus on volume-based DDoS
  • Defense against Denial-of-Service ✨
  • Incident Response in case of DoS

Target audience

This course is designed for participants who want to gain a basic overview of how cyber attacks function.

Administrators
Responsible for Windows, Linux, Cloud, or virtualization
SOC Operators
Charged with monitoring a corporate environment
Security Officers
Responsible for corporate security and data protection
Aspiring Security Auditors
Interested in penetration testing, red teaming, and adversary simulation
Network Admins
Charged with the administration of NG-Firewalls, WAFs, TLS proxies, Reverse proxies, DPI
Students
Students who prefer direct entry into the practice of cybersecurity rather than focusing on theoretical and tool-oriented training

Technical requirements

Online training takes place via Zoom. Other conference systems can be used upon request.
Installation of an access client is required for accessing the lab environment.
For on-site courses, an Ethernet connection and a projector are necessary.