StC Pentesting Fundamentals Study Group — Week #8 Recap

This week, we had our eighth session of the Pentesting Fundamentals Study Group. Instead of covering a chapter of the Pentest+ book and two HTB machines, we had a special guest, Tom Levasseur, hold a cyber security challenge!

The challenge simulated a realistic vulnerable environment where participants competed in teams to enumerate the network and exploit vulnerable services to gain initial access to the DMZ. They then had to chain vulnerabilities together to pivot to the Office and IT networks.

The following image shows Tom explaining the layout of the network.

It goes without saying that the participants had a lot of fun putting all the skills they learnt in the past sessions to use! It was a great opportunity for them to get hands on experience in breaching a realistic environment.

We would like to thank Tom for all the effort and time he put into this and we look forward to having him hold another challenge in the upcoming weeks!

Next week, we’ll go back to our usual schedule and cover chapter 8 of the Pentest+ book and the Active (Windows) and Irked (Linux) HTB machines.