Windows Exploitation and Analysis (WEA)


This five-days course teaches the essentials of remote network exploitation to help students develop strategies to protect and defend their networks and critical information. Students learn how to analyze remote Windows networks, locate user credentials, and expand their access across a network. WEA provides an in-depth look at the essentials of remote network exploitation, from scanning and enumeration of a network space to performing client-side attacks. This course is for computer network professionals, software developers, and security professionals who are responsible for protecting Windows networks and data from threats.

What you will learn:

  • Apply open source tools (Metasploit and Armitage) to identify key target information
  • Documenting data in a target template
  • Analyze and interpret research data to determine an operational strategy
  • Craft and deploy phishing emails to obtain target browser data
  • Explore techniques associated with collecting data and expanding access

Course Outline:

Introduction Introduction to the Offensive Methodology and overview of documenting data in the Target Template

2. Information Gathering Website mining for key information and techniques to discover new servers through DNS brute forcing, zone transfers, etc.

3. Scanning and Enumeration Network-based scanning and enumeration using command line tools and exploits using web browser enumeration

4. Gaining Access Metasploit exploit, port redirection and tunneling techniques, client-side exploitation and botnet deployment

5. Expanding Access Windows Registry queries, system safety and security checks, methods for discovering files of interest, querying the Windows Active Directory, methods to crack passwords, and using pass-the-hash to access Windows systems

6. Sustaining Access Antivirus tool detection and intrusion detection systems, and techniques to sustain access


If this course is not on the current schedule of open enrollment courses and you are interested in attending this or another course as an open enrollment, please contact us at (410)956-8805 or Please indicate the course name, number of students who wish to participate. and a preferred time frame. ATI typically schedules open enrollment courses with a 3-5 month lead time. For on-site pricing, you can use the request an on-site quote form, call us at (410)956-8805, or email us at


  • Charles Spera is a Security/Defense Research Analyst and instructor. He has over 10 years of experience as a Naval Officer in both the Information Professional and Information Warfare communities. His experience spans both offensive and defensive computer network operations, information assurance, and signals intelligence. He has also served as an instructor and subject matter expert for a variety of topics in the cyber security and network operations fields.

  • Jack Valin is a Security/Defense Research Analyst. He has over 8 years of experience in the Air Force in signals intelligence and offensive computer network operations. Jonathan participates in cyber defense exercises and mentors computer network analysts.

    Contact these instructors (please mention course name in the subject line)

Request On-Site Quote