ＨｉｄｅＺｅｒｏＯｎｅ

This intermediate-level, 3-day-long intensive course dives deep into Modern Initial Access and Evasion tactics, which were effective on numerous engagements delivered in tightly monitored environments. The author will share his insights regarding strategies that made his malware accomplish engagement objectives, side by side with aggressively configured AVs & EDRs. Designing modern Red Team malware carriers smuggled in scripts, executables, and HTML websites are only some areas the course focuses on. We will explore numerous technical concepts and file formats. Craft advanced malicious Office documents, shellcode loaders, smuggling payloads, and other infected scripts that will help us reach target systems effectively. By applying modern AV & EDR evasion techniques into custom-crafted Red Team weaponry, capable teams will be equipped with the knowledge to succeed during adversary simulations even in the rapidly changing threat surface landscape. This course focuses on that – telling effective techniques apart from ones that no longer work.

The Initial Access Operations course from FortyNorth Institute is an advanced training for hacking and gaining access in the style of the Red Team. FortyNorth Institute has focused all its attention on the development of Red Team courses, and the courses of this institute have a high level of technical content. One of the most important stages and goals of the red team is initial access to the environment of the target organization. In this course, you will learn how to use a wide range of attacks such as phishing attacks, creating customized and personal viruses, stealing passwords, executing code by Meterpreter or Cobalt Strike, process injection, etc. Access the target organization’s network and environment.

Syllabus

1. Introduction
2. Development Environment and Goals
3. Credential Harvesting
4. Weaponized Word Documents
5. Code Execution (Part 1)
6. Code Execution (Part 2)
7. Code Protections

FortyNorth – Initial Access Operations

This course is designed to teach the skills required to find and exploit vulnerabilities in real world iOS applications. The training includes exploits and vulnerabilities discovered on several penetration tests or in bug bounty programs. The target mobile apps used in this training are a state of art training apps.

Syllabus

Introduction to the Course

Training Presentation

Revisiting iOS Application Security – v.2023

Enciphers: iOS Application Security

The Certified Red Team Analyst [CCRTA] course from the cyberwarfare institute is a Red Team-style hacking and security training for beginners. This is a hands-on training course specifically designed for beginners interested in Red Teaming operations.

Syllabus

Introduction to Red Teaming

Red Team Lab setup

External Offensive Operations

Internal Offensive Operations

CWL: Red Team Analyst [CRTA]

The Certified Enterprise Security Controls Attack Specialist [CESC-AS] course from the cyberwarfare institute is a Red Team-style hacking and security training at the level of organizations and companies. This is a hands-on training course specifically designed for people interested in high-level, organized Red Teaming operations.

Syllabus

Hands-on of Enterprise Security Controls

Implementation of Security Controls

Offensive C# Tradecraft

Abusing Windows API

Abusing/Evading Host & Network based security controls

CWL: Enterprise Security Controls Attack Specialist

In this CSP course, you will apply all the knowledge and skills taught in the CSL course to crack real software.  Real software are commercial proprietary software.  We are doing this for educational purposes and not to harm software developers. This skill and knowledge benefits developers in that they are better able to secure their software. The concept is similar to ethical hacking – the only way to defend against hackers is to know how hackers break in. Similarly, for software security. The best way to improve software security is to learn how software is being cracked.