In today’s secured environments, it is almost impossible for Red-Blue Teams to emulate modern adversarial tactics, techniques and procedures using publicly available 3rd party pentesting products. Powerful adversaries typically develop custom code to ensure stealth and undetectability for as long as possible. This course uses a recipe approach to teach Red-Blue teams to do exactly this. In this module, we will specifically look at different techniques to query Process Listing using a variety of Windows APIs. We will also go in-depth into Windows Tokens, different fields and how to get this programmatically. Finally, we will understand how to read-write process memory.
The age of intelligent machines is here! We are now seeing Machine Learning disrupting every technological field including computer security. As more and more security products use Machine Learning, it is important as Pentesters and Security Researchers to understand how to make and break this technology!