Upgrade your red team tradecraft with cutting-edge Tactics, Techniques, and Procedures (TTPs) used by attackers in real-world breaches. This course will teach participants how to infiltrate networks, gather intelligence, and covertly persist to simulate advanced adversaries. Participants will use the skillsets taught in this course to go up against incident response in a complex lab environment designed to mimic an enterprise network. You’ll learn to adapt and overcome active response operations through collaborative feedback as the course progresses.
Syllabus
- Day 1
  - Introduction & Course Overview
  - Lab and course range infrastructure
  - Red Team Operations
  - Attack Infrastructure
  - Host Situational Awareness
  - PowerShell Weaponization
  - Privilege Escalation
- Day 2
  - An Introduction to Hunting
  - Credential Abuse
  - AD Situational Awareness
  - Payload Methodology
  - Pivoting and Lateral Movement
  - SQL Abuse
- Day 3
  - OPSEC Considerations
  - Domain Trusts
  - Kerberos
  - Golden Tickets
  - Silver Tickets and Forged Ticket Detection
- Day 4
  - Visualizing Attack Paths with BloodHound
  - DPAPI
  - Kerberos Delegation Abuse
  - CTF and capstone conclusion
  - Lab Debrief
  - Defensive Debrief