ＨｉｄｅＺｅｒｏＯｎｅ

One of the core disciplines of security is understanding how systems communicate over the Internet. This skill set is crucial to spotting abnormal behavior and attack patterns. In this class, we will go beyond the fundamentals of how IP communicates and dive into the subtle nuances. This will help the student identify anomalous patterns when they occur. Much of this class is spent focusing on the IP, ICMP, UDP, and TCP headers. We will step through each of the fields within each header to ensure that the student understands how the data within that field plays a role in communications. This knowledge is deepened by observing the behavior in packet decodes, some of which are normal traffic while some are common attacks.

Antisyphon: Getting Started in Packet Decoding w/ Chris Brenton

To conduct an advanced attack, you need more than just a collection of simple scripts. In addition to talent, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement, the more time we need. Time is something we don’t have a lot of on an engagement. Today, to be an advanced and effective attacker, you need to move fast, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources, the days of manual setup are long behind us.

Antisyphon: HackerOps w/ Ralph May

Modern Webapp Pentesting is unique in its approach to testing webapps. Too many courses are built around the assumption that a webapp pentester’s skills should grow along a straight line, starting with something like the OWASP Top Ten and culminating in something like Attacking Web Cryptography. Real webapps don’t follow that same path, and neither should real webapp pentesters. Attacking Web Sockets is not more difficult than attacking HTTP traffic, it’s just different. Web APIs are not something you’re qualified to test only after you’ve put your time in on traditional webapps … they’re just different. This course doesn’t worry about where a student falls on the imaginary scale of beginner to expert but instead focuses on finding and exploiting the kinds of issues found in real webapps today, based on the instructor’s many years of ongoing experience in testing … real webapps today.

Antisyphon: Modern WebApp Pentesting w/ BB King

Getting a foothold is the first step in a successful breach—be it in the form of user credentials, email access, or code execution on a target system. This course will provide students with the fundamental skills and know-how to perform the most common attacks used to get an initial foothold during a red team exercise. Since Microsoft products and services are the most widespread platform in use by organizations, Office 365 and Microsoft Windows will be the primary targets of student exercises. Core concepts will also be discussed so that students can apply the lessons learned to other platforms in the future.

Let’s make it short. You’re interested in Windows security, right? Otherwise you wouldn’t be here. You are either led by natural curiosity of security researcher or doing penetration testing professionally, or both. And maybe you need to get better understanding of how privilege escalation works in Microsoft environments. So here’s what’s in the course. It is indeed about escalating privileges in Windows. But it’s not only about getting SYSTEM, as there are other shades of that tactic. From the course you’ll learn about becoming another user, breaking out from Medium to High Integrity Level, or from High to System, and abusing privileges assigned to your access token to get more powers on the box. You will get access to a complete testing environment with many misconfigurations and vulnerable services plus code templates with full building toolchain. As we usually do in SEKTOR7 it’s a ready-to-use package prepared for any student who’s willing to take some time and experiment and learn new things. So if you’re still interested, get on board, relax and take a great journey through the world of Windows security. You’ll love it!

Syllabus

Intro and Setup

Credentials

Unsecured Objects

Execution Flow Hijacking

Getting SYSTEM

Assigments

RED TEAM Operator: Privilege Escalation in Windows Course

Real threat actors utilize various Tactics, Techniques and Procedures (aka TTPs). One of the tactic is Persistence – a way to survive a breached machine restart and preserve access to a target environment. There is a lot of focus on what methods adversaries use to exploit a particular vulnerability or how their C2 channels and infrastructure look like. Less often you find discussions about persistence. This course is aiming to change that. You will learn almost 30 different persistence techniques working on Windows 10. Most of them were used by nation-state threat actors, like EquationGroup, Turla, APT29, ProjectSauron or malware, including Flame or Stuxnet. As usual you will get not only full explanation of each technique with examples, but also a working code templates (written in C) and a complete development environment you can experiment with.

Syllabus

Intro and Setup

Low Privilege Persistence

Admin Level Persistence

Assignments

RED TEAM Operator: Windows Persistence Course