Advanced Infrastructure Security Assessment
Training Overview
Advanced Infrastructure Security Assessment is a high-intensity, advanced-level offensive security training at CSA XCON 2026, designed for experienced penetration testers and red teamers who want to break through hardened enterprise environments where automated tools and default exploits fail.
Modern enterprise infrastructures are layered with firewalls, EDR, WAFs, legacy systems, custom applications, hybrid identity platforms, and AI-driven defenses. Successfully compromising such environments requires deep understanding, manual exploitation, exploit adaptation, vulnerability chaining, and stealthy movement across trust boundaries.
This training focuses on thinking like a real adversary, understanding defenses, bypassing them creatively, and maintaining access in complex networks.
About the Training at CSA XCON 2026
This is not a Metasploit-driven course. Participants will:
- Tear apart exploit code and adapt it to hardened targets
- Perform manual exploitation and advanced vulnerability chaining
- Move laterally and vertically across enterprise networks
- Attack Active Directory and hybrid identity environments
- Leverage AI both as a target and as a force multiplier
The training aligns perfectly with CSA XCON’s goal of delivering cutting-edge, practitioner-only cybersecurity education.
What You Will Learn
Enterprise Exploitation & Evasion
- Advanced exploitation methodologies
- Discovering and enumerating hardened endpoints
- WAF bypass techniques
- Exploiting modern, hardened web applications
Persistence & Privilege Escalation
- Breaking security boundaries
- Obtaining higher privileges
- Gaining persistence in complex infrastructures
- Crossing trust and isolation boundaries
Active Directory Domination
- Active Directory internals: Domain Controllers, FSMO roles & Delegation & service accounts
- AD reconnaissance using LDAP and custom queries
- Enumerating users, groups, ACLs, and delegation rights
Credential Access & Abuse
- Credential extraction techniques: SAM, NTDS.dit, LSASS, DPAPI, LSA Secrets & In-memory and cached credentials
- Bypassing Credential Guard
- Process injection and hooking
Lateral Movement & Impact
- Pass-the-Hash / Pass-the-Ticket
- Kerberoasting
- NTLM & SMB relay
- Golden & Silver Ticket attacks
Detection & Defense Awareness
- Understanding enterprise logging
- Monitoring account changes
- Detecting ACL and delegation abuse
- Awareness of blue team visibility
Hybrid & Cloud Identity Attacks
- Microsoft Entra reconnaissance
- Access token theft
- Directory synchronization abuse
- Attacking hybrid identity boundaries
Leveraging AI in Infrastructure Attacks
- Using AI to accelerate enumeration and exploitation
- Attacking AI-based security systems
- Understanding AI-driven detection and response
Training Experience & Expectations
- Extremely intensive, hands-on training
- Realistic enterprise lab environments
- Manual exploitation over automation
- Advanced, adversary-simulation scenarios
Participants will leave with battle-hardened infrastructure exploitation skills applicable to real red team operations.
Skill Level
Advanced
Prerequisites
Participants should already have:
- Solid understanding of TCP/IP networking
- Experience with virtualization (VMware / VirtualBox)
- Hands-on use of tools like Nmap, Metasploit, Burp, NetExec
- Familiarity with web application security
- Basic knowledge of Active Directory security
- A GitHub account
What Participants Should Bring
- Laptop with administrator privileges
- Minimum 8GB RAM (50GB disk space required)
- Virtualization software installed
- Ability to disable AV for lab work
Apple Silicon systems are supported via emulation (performance may vary).
What Participants Will Receive
Each participant will receive:
- Slide deck designed as a cheat-sheet
- Access to a repository with lab tasks and solutions
- Printed workbook with 40+ guided exercises
What This Training Is
What to expect:
- Advanced infrastructure exploitation
- Custom exploit development
- Real-world adversary techniques
What not to expect:
- Beginner-level explanations
- Long-term access to all lab environments
This course is intended for experienced professionals only.