Come live your cyberpunk dreams! Mainframes are the workhorse behind almost every fortune 500. It’s probably time you learned how to hack one. This workshop provides a one of a kind experience, allowing you to get hands on mainframe hacking experience with multiple labs. This workshop lays the groundwork for mainframe penetration testing. Walkinging you through techniques for gaining system access, performing end-to-end penetration tests, and teaching you to ‘own’ the mainframe.
After a brief overview of how z/OS works and how to translate from Windows/Linux to “z/OS” the instructors will lead students through multiple real world scenarios and labs against a real live target mainframe brought on site for the workshop. The areas explored include VTAM, CICS, TSO, and Unix. Students will be given access to a mainframe environment for the duration of the course where they will learn to navigate the operating system, learn some easy wins, and privilege escalation techniques. They will get introduced to the open source tools and libraries available for all the steps of a penetration test including Nmap, python, kali, and metasploit as well as being able to write their own tools on the mainframe using REXX, and JCL.
The majority of the course will be spent performing instructor led hands on mainframe testing with tools provided by the instructors. Goals for each segment will be laid out with appropriate time afforded to students to allow them the ability to gain a deep understanding of how a mainframe pentest could and should be performed. Exercises will be based on real world attack scenarios.
While this class is outlined as a beginner class to mainframe hacking the attendee should have knowledge of IT security, penetration testing and very basic Python.