What about this course?
MS SQL Server is widely used in enterprise networks. Due to its use by third-party applications, support for legacy applications, and use as a database, SQL Server is a treasure trove for attackers. It gets integrated within an active directory environment very well, which makes it an attractive target for abuse of features and privileges. In this training, we will see that how to attack a SQL Server not only as an individual service but as a part of the enterprise network. We will discuss the mutual trust which SQL Server has with domain, users and how linked SQL Servers can be abused. We will perform enumeration and scanning, privilege escalation, and post-exploitation tasks like Domain Privilege Escalation, identifying juicy information, Command Execution, retrieving system secrets, lateral movement, persistence, and more.
Instructor for this course
This course is composed by the following modules
MS SQL Server Basics
Powershell Role and Introduction
Discovering SQL Server within the Domain
Bruteforce Attacks on SQL Server
Post Exploitation Data Enumeration
Privilege Escalation: Impersonation
Privilege Escalation: Trustworthy Property
Command Execution Part 1
Command Execution Part 2
Exploiting Database Links
Privilege Escalation: Miscellaneous Techniques
Common Course Questions
If you have a question you don’t see on this list, please visit our Frequently Asked Questions page by clicking the button below.
If you’d prefer getting in touch with one of our experts, we encourage you to call one of the numbers above or fill out our contact form.
Do you offer training for all student levels?
Are the training videos downloadable?
I only want to purchase access to one training course, not all of them, is this possible?
Are there any fees or penalties if I want to cancel my subscription?