Hacking in Practice (HCKP1)

Cybersecurity, ICT Security

Explore practical techniques of offensive security, focusing on social engineering, malicious USB devices and automated payloads, credential theft through keyloggers and phishing, and live demos of voice and SMS spoofing used to trick users into revealing access.

Hands-on exploration of Windows and Active Directory attacks: password extraction, lateral movement, privilege escalation and defense. We also cover WiFi security from WEP to WPA3, mobile-based tools and practical mitigation techniques for real networks.

Location, current course term



VirtualPro (online)
10/6/2025 - 10/8/2025 CZECH
Order 		11/26/2025 - 11/28/2025 CZECH
Order
Custom Customized Training (date, location, content, duration)

The course:

Hide detail
  • Social engineering
    1. Social engineering via USB flash drives
    2. USB Rubber Ducky - demonstration of real attacks
    3. BadUSB, USB Ninja, USB Killer – offensive USB devices
    4. Techniques to trigger malware execution
    5. Macro viruses and their modern use
    6. DDE (Dynamic Data Execution)
    7. Exploitation of MS Office vulnerabilities
    8. Spoofed shortcuts and self-extracting archives
    9. Demo of creating a Trojan horse
    10. VirusTotal and alternative services
    11. Phishing and spearphishing
    12. Vishing — spoofed calls and SMS from arbitrary numbers
    13. Telephone social engineering — practical insights and audio samples
    14. Hardware keyloggers and videologgers — easy route to passwords
    15. LAN Turtle and Bash Bunny devices
    16. Defensive measures
  • Windows security
    1. Passwords in Windows
    2. LM/NTLM hashes — cracking and Pass-the-Hash
    3. Hashcat — usage, demos and password analysis
    4. LSA secrets — password extraction
    5. Cached Credentials — extraction of domain user hashes
    6. LSASS — extraction of plaintext credentials
    7. Mimikatz and WCE tools
    8. Active Directory and Windows domain security
    9. LLMNR, NBNS and mDNS poisoning
    10. SMB relay attacks
    11. Kerberos from a security perspective
    12. Kerberoasting
    13. Silver and Golden Ticket attacks
    14. Methods for compromising domain administrators
    15. Pentest practice demonstrations
    16. Defensive strategies
  • WiFi security
    1. Classification of wireless technologies
    2. Hacking WiFi with shared passwords
    3. WEP — packet injection
    4. WEP — Korek / ChopChop attack
    5. WEP — fragmentation attack
    6. WEP — Cafe Latte attack
    7. WPA — Beck-Tews attack
    8. WPA/WPA2 — handshake capture
    9. WPA/WPA2 — KRACK
    10. WPA3 — Dragonfly handshake vulnerabilities
    11. WiFi Protected Setup (WPS)
    12. Comparison of WiFi tools
    13. Rogue APs and their detection
    14. Hacking guest networks with captive portals
    15. Hacking enterprise WiFi — PEAP (domain account)
    16. Hacking enterprise WiFi — EAP-TLS (certificates)
    17. Hacking enterprise WiFi — LEAP (Cisco)
    18. Nethunter (Kali Linux for mobile phones)
    19. Denial-of-service attacks on WiFi
    20. Hacking routers and access points
    21. WiFi Pineapple
    22. WiFi vulnerabilities observed in the Czech environment
Assumed knowledge:
Familiarity with Windows and Linux and a basic understanding of TCP/IP network security.
Recommended previous course:
Basics of the TCP/IP Protocol (TCP1)
Recommended subsequent course:
Practical Hacking II (HCKP2)
Schedule:
3 days (9:00 AM - 5:00 PM )
Course price:
799.60 € ( 967.52 € incl. 21% VAT)
Language:

Vybrané zákaznické reference

ENVISYS s.r.o, Petr P.
Hacking in Practice ( HCKP1)
"Kurz nabitý vědomostmi a zkušenostmi + lidský přístup. Rozhodně doporučuji."
Mendelova univerzita v Brně, Miroslav O.
Hacking in Practice ( HCKP1)
"Kurz byl fantasticky, vsechno nej. Doporucuji uplne kazdemu, kdo se pohybuje v IT. Uz se tesim na dvojku."
Kancelářské stroje s.r.o., Roman D.
Hacking in Practice ( HCKP1)
"Byl jsem velmi spokojen"