دسته: دوره ها

Real threat actors utilize various Tactics, Techniques and Procedures (aka TTPs). One of the tactic is Persistence – a way to survive a breached machine restart and preserve access to a target environment. There is a lot of focus on what methods adversaries use to exploit a particular vulnerability or how their C2 channels and infrastructure look like. Less often you find discussions about persistence. This course is aiming to change that. You will learn almost 30 different persistence techniques working on Windows 10. Most of them were used by nation-state threat actors, like EquationGroup, Turla, APT29, ProjectSauron or malware, including Flame or Stuxnet. As usual you will get not only full explanation of each technique with examples, but also a working code templates (written in C) and a complete development environment you can experiment with.

Syllabus

Intro and Setup

Low Privilege Persistence

Admin Level Persistence

Assignments

RED TEAM Operator: Windows Persistence Course

ادامه مطلب

In the modern enterprise Windows  environment we often encounter lots of obstacles, which try to detect and stop our sneaky tools and techniques. Endpoint protection agents (AV, IDS/IPS, EDR, etc.) are getting better and better at this, so this requires an extended effort in finding a way into the system and staying undetected during post-exploitation activities. This course will guide you though modern detection technology and teach how you can try to avoid it. This means understanding how the technology works and developing certain capabilities to stay under the radar. You will receive a virtual machine with complete environment for developing and testing your software, and a set of source code templates which will allow you to focus on understanding the essential mechanisms instead of less important technical aspects of implementation.

Sylllabus

Intro and Setup
Essentials
Non-privileged user vector
High-privileged user vector

RED TEAM Operator: Windows Evasion Course

ادامه مطلب

Advanced offensive security tool (OST) development topics for Windows user land only, including: hidden data storage, rootkit techniques, finding privileged objects in system memory, detecting new process creation, generating and handling exceptions, building COFFs and custom RPC-like instrumentation, and more.

Syllabus

Intro and Setup

Filesystem corners

Objects Enumeration in Memory

Global Hooks

Userland Rootkit Tech

Process Environment Block Manipulations

No-patch Hooking

Process Memory Hiding

Custom “RPC”

Common Object File Format

Custom Project

RED TEAM Operator: Malware Development Advanced

ادامه مطلب

This course builds on what you have learned so far by extending your development capabilities with:
  • playing with Process Environment Blocks and implementing our own function address resolution
  • more advanced code injection techniques
  • understanding how reflective binaries work and building custom reflective DLLs, either with source or binary only
  • in-memory hooking, capturing execution flow to block, monitor or evade functions of interest
  • grasping 32- and 64-bit processing and performing migrations between x86 and x64 processes
  • discussing inter process communication and how to control execution of multiple payloads

The course ends with a combined project, where you will create a custom dropper implementing discussed techniques.

You will receive a virtual machine with complete environment for developing and testing your software, and a set of source code templates which will allow you to focus on understanding the essential mechanisms instead of less important technical aspects of implementation.

Syllabus

Intro and Setup

PE madness

Code Injection

Reflective DLLs

x86 vs x64

Hooking

Payload Control via IPC

Combined Project

RED TEAM Operator: Malware Development Intermediate Course

ادامه مطلب

Are you a pen tester having some experience with Metasploit or Empire frameworks? Or maybe you take your first steps as an ethical hacker and you want to know more about how all these offensive tools work? Or you are a blue teamer or threat hunter who needs to better understand the internal workings of malware? This course will provide you the answers you’re looking for. It will teach you how to develop your own custom offensive security tool (OST) for latest Microsoft Windows 10. And by custom OTA we mean building a dropper for any payload you want (Metasploit meterpreter, Empire or Cobalt Strike beacons, etc.), injecting your shellcodes into remote processes, creating trojan horses (backdooring existing software) and bypassing Windows Defender AV. You will receive a virtual machine with complete environment for developing and testing your software, and a set of source code templates which will allow you to focus on understanding the essential mechanisms instead of less important technical aspects of implementation.

Syllabus

Intro and Setup

Portable Executable

Droppers

Obfuscation and Hiding

Backdoors and Trojans

Code Injection

Extras

Combined Project

RED TEAM Operator: Malware Development Essentials Course

ادامه مطلب

Through OALABS we want to bring you the kind of reverse engineering tutorials that we wished we had when we were first learning to analyze malware. With Patreon we offer access to a wide variety of tutorials and workshops aimed at all skill levels. Our RE101 level tutorials cover important topics like how to setup a malware analysis lab, as well as reverse engineering fundaments like learning assembly, and how to use a debugger. Our RE201 level tutorials cover malware analysis specific topics like how to bypass anti-analysis checks in malware, and how to resolve dynamic imports. Our RE504 level tutorials cover advanced reverse engineering topics like how to bypass software protectors such as Themida, and VMProtect. Patreon also allows us to maintain a set of free publicly available malware analysis tutorials on YouTube as well as weekly malware analysis streams on Twitch.

ادامه مطلب