Course Description
There are a lot of courses that you can take, virtual, in-person, etc that show you all of the tools and techniques under the sun. What sets this course apart is that we explain the “WHY”. After a combined 35 years of experience in red teaming and offensive security, egypt and mubix distill their TTPs in everything from building binaries, avoiding antivirus (EDR,XDR,BS-DR), to building your own company to take over another. In this 3 day course we have labs where we aren’t trying to teach you any particular OS, tool, or technique, but how to think about those same OSs, tools and techniques, when to use them, and how to assess new ones as the field of infosec changes.
Want to learn the newest, coolest, techniques? Go to a different class. Want to learn how to make any tool do what you want it to? This is the place to be.
Course contents
DAY 1
- Setup (while we would love everyone to show up completely ready to go, there is always a bit of setup required)
- Red Team Infrastructure – Considerations in complexity and repeatability.
- Open Source Intelligence Gathering (OSINT) from an attacker’s point of view.
- Building Binaries – The thought process behind selecting a C2, a type of binary, etc
- Payload Delivery – How a payload is delivered to the target and the considerations taken into account when making that decision
- Stolen Devices – A rare look at what Stolen Device engagement entail and why more companies should be testing them
DAY 2
- CxO Training – How to handle a breach, the technical and more importantly the non-technical aspects of them
- Post-Exploitation – The 4 ‘P’s of Post Exploitation
- Presence
- Persistence
- Pivoting and Privilege Escalation
DAY 3
- Password Cracking – Tools and Considerations
- Modifying Frameworks – Writing your own Metasploit, Empire and Silver modules / extensions
- Attacking Active Directory – The state of the union on AD / Windows attacks
- Attacking Web Apps – How to break down both external and more importantly internal web apps.
- Attacking the Cloud – How to find all of those SaaS, PaaS, and other aas solutions your targets have, and how to pivot from them to their internal network.
WHAT YOU SHOULD TAKE FROM THIS COURSE
This course should show you how to use different tools, techniques, and infrastructure in ways that optimize your success in your offensive security engagements. Or, if you are not a pentester / red teamer, it should show you what you can expect out of that space, either as a manager looking to get more value out of your pentesters / red teamers, or as someone new to infosec looking to get a good base of what is possible.
Target audience
- Those new to Infosec that would like to get a taste of the offensive mindset and point of view. CISOs, Directors, Managing Directors, and Senior Managers are also welcome.
- Penetration Testers / Red Teamers
- Cyber Threat Intelligence Analysts
- SOC Analysts
Requirements
- Students will need to be familiar with and comfortable with using the command line in both Windows and Linux operating systems.
- Students will need to be familiar with and comfortable with basic networking concepts like ports, IP addressing, routing, and similar networking concepts.
- Students will need to be familiar with and comfortable with basic programming concepts like variables, arrays, functions, classes, and similar programming concepts.
Hardware/Software Requirements
- Students will need to bring laptops to which they have administrative / root access, running either Windows, Linux, or Mac operating systems (no Chromebooks or Android devices). Minimum 20 GB of available space to load VMs. (Bringing a freshly updated VM of Kali Linux or Parrot Security Linux is preferred)
- Students will need to have access to VNC, RDP, SSH and Wireguard clients on their laptops.
Trainers Biography
Rob Fuller has over 17 years of experience covering all facets of information security. He has been behind the lines helping to design, build, and defend the US Marine Corps, US Senate, and Pentagon networks – as well as performing penetration tests and Red Team engagements against those same networks. More recently, Rob has built and led numerous Red Teams in successful engagements against many of the Fortune 50 companies, representing some of the best defensive teams in the industry.
Rob’s experience and expertise ranges from embedded and wireless devices in ICS/OT networks to standard IT infrastructures. He is a frequent speaker and trainer at a number of well-known security conferences. He has also served as a senior technical advisor for HBO’s show Silicon Valley. Rob has acquired a number of certifications and awards over the years, but the ones he holds above the rest are father, husband, and United States Marine.
Website : https://malicious.link/
Twitter : @mubix
egypt “James” Lee has spent nearly two decades learning about offensive security and more than half that time teaching it. After starting out as a vulnerability researcher and exploit developer for ICS/SCADA systems, he went on to become a developer for the Metasploit Framework where he worked on everything from core networking to exploits, payloads, and more in at least a dozen languages. He has also spent time as a penetration tester and as an internal Red Team engineer. He believes strongly that open source security tools are vital to the long-term health of the internet and is a vocal supporter of open source in general.
Note that egypt is not Egypt. The two can be distinguished easily by their relative beards – Egypt has millions, while egypt only has the one.
Twitter : @egyp7