
This is an advanced course that focuses on setting up secure and resilient C2 infrastructure using Azure/AWS, creating custom Cobalt Strike profiles, hunting for Active Directory Certificate Services misconfigurations in mature enterprise environments. Learn current post-exploitation techniques that White Knight Labs (WKL) has used during real-life engagements to dump credentials, move laterally, escalate to Domain Admin, and capture the client’s crown jewels. We will cover EDR bypass briefly, but AV/EDR bypass will be assumed knowledge for this course. Although this course is designed to be a deep dive into hunting for ADCS misconfigurations and setting up C2 infrastructure, an apex attacker must also know their own indicators of compromise (IOCs) they’re creating and the artifacts they’re leaving behind. On the second day, students will be led through a real-life red team operation.
Syllabus
Day 1: Red Team Fundamentals
- Cobalt Strike/Guacamole walkthrough
- Terraform for infrastructure automation
- Redirectors and CDNs
- Custom malleable C2 profile
- Protecting your C2 server (mod rewrite and proxy pass)
- Touch and go AV/EDR Bypasses
Day 2: Red Team Operation Attack Paths
- Advanced payload creation
- Windows lateral movement
- SOCKS proxies
- Service controller
- WMI
- COM/DCOM
- Abusing AD misconfigurations via C2 channels (ADCS)
- Advanced credential dumping techniques
- SQL misconfigurations for lateral movement and code execution
Security Education
OffSec
iNE
Antisyphon
EC-Council
Applied Network Defense
Kaspersky
Sektor7
CompTIA
TCM Security
BlackHat
13Cubed
Dark Vortex
Enciphers
Forty North
Cyber warfare Labs
Maltrak
Scorpio Software
Security Onion
Zero Point Security
SentinelOne
Altered Security
SpecterOps
Pentester Academy
CQURE
PluralSight
StationX
Cybr
موسسههای دیگر