ＨｉｄｅＺｅｒｏＯｎｅ

Cybercriminals are constantly developing more sophisticated ways to hack into systems. According to an April 2021 report, between the third and fourth quarters of 2020 :

• Microsoft Office malware increased by 199%.
• Account hijackings are targeted at Office 365 accounts.
• Exploits targeting new vulnerabilities meanwhile shot up 100% in Q4.
• Targeted attacks increased 43%.

To protect organisations and people from cybercrime, we have a duty to continuously level up our skills. That’s why we created this advanced cybersecurity training: “Cheating on Windows, Fuzzing and Buffer Overflow: Attack Scenarios and Protection Methods.” This advanced training is a recorded lesson extracted from our AWSC 2020 edition. In just 2 hours, you’ll learn how to identify buffer-overflow vulnerabilities in Windows applications, exploit remote code execution vulnerability, and use various modern mitigations for vulnerabilities. In short, you will learn how to apply additional mitigations against software attacks in a short time. We highly recommend this advanced training to cybersecurity specialists, penetration testers, offensive security specialists, and any cybersecurity expert wanting to add to their repertoire of skills and boost their career.

The use of Microsoft’s Active Directory (AD) remains very popular. It is the core of nearly every organisation’s network environment. While AD provides many benefits to organizations, one of the major drawbacks is the potential for abuse by malicious parties.  Cybercriminals have long targeted Active Directory (AD) as a valuable prize in their quest to gain full control over a network. The consequences of this can be dire. That’s why businesses worldwide are willing to pay top dollar for cybersecurity experts who can detect and mitigate these types of advanced attacks. You can be in high-demand for these skills when you complete our advanced cybersecurity training: “Advanced Attacks Against Active Directory.” This advanced course is a recorded training extracted from our AWSC 2019 edition. In just 2 hours, you’ll learn how to implement a defense strategy to protect an Active Directory. We highly recommend this advanced training to cybersecurity specialists, penetration testers, system administrators, infrastructure administrators, and any cybersecurity expert eager to develop their skill set and advance their career.

The Windows Internals Red Team Operator [CWI-RTO] lab offered by cyberwarfare.live is a comprehensive, hands-on learning environment designed to provide real-world experience in Microsoft Windows Internals. In this lab, you will unveil common Win32/NT APIs used by malwares and understand how malwares abuse internals from a user-mode perspective. You will perform various challenges/exercises to learn Windows Internals. You will also learn different kernel data structures (EPROCES, ETHREAD, KPCR etc.) through Windbg.

The Stealth Cyber Operator [CSCO] lab offered by cyberwarfare.live is a comprehensive, hands-on learning environment designed to provide real-world experience in stealth cyber operations. In this lab, you will learn how to develop trade-craft for offensive operations and abuse improperly placed and mis-configured security controls in infrastructure. You will also learn resource abuse using Windows APIs, C, C++ & Csharp. The lab focuses on utilizing trade-craft for Red Teaming in a hardened environment and leveraging endpoint security controls (AV, EDR) and much more.

The Red Team Specialist [CRTS V1] lab offered by cyberwarfare.live is a comprehensive, hands-on learning environment designed to provide real-world experience in performing adversary simulations. In this lab, you will perform adversary simulations in an Electric PowerGrid Facility You will exploit AD Domain & Certificate Services, Exchange, SSO, MFA & VDI. The lab allows you to follow the Red Team Cycle in multi-segregated networks. Two unique paths are mapped with MITRE ATT&CK for Enterprise. The covered TTPs can be as-is implemented during a realistic engagement.

Automation is necessary to be efficient and successful in security for both offensive and defensive teams. Furthermore, with the rapid pace of migration to cloud infrastructure, the need to interact with infrastructure through automation is more important than ever. PowerShell is the language and shell that drives automation across the Windows and Azure ecosystem. Sitting on top of the massive .NET class library, there is very little that can not be done in PowerShell. Today, PowerShell is relied upon by red teams, threat hunters, incident responders, penetration testers, criminals, and nation-state adversaries alike. Before robust detection capabilities were widely deployed, PowerShell was also the tool of choice for attackers to evade detection. Between the modern security features offered and the fact that most AV/EDR solutions have a PowerShell prevention/detection component, it is imperative that both red teamers and blue teamers understand the defensive landscape when building and using tools within the language.