ＨｉｄｅＺｅｒｏＯｎｅ

In the Intro to Offensive Tooling class, you will learn about many of the tools used by attackers to identify vulnerabilities and exploit them. This hands-on course covers a variety of offensive tools, such as Nmap, Recon-ng, Metasploit, Proxychains, Responder, and many more. Through a series of practical labs, you will gain experience in using these tools to assess the security of systems and networks. In addition to learning how to use these tools effectively, you will also explore the ethical considerations surrounding offensive tooling, how to responsibly use these tools to protect sensitive information, and prevent cyber attacks. By the end of this course, you will have a strong foundation in offensive tooling and be well-equipped to apply your knowledge to a wide range of security challenges.

Antisyphon: Offensive Development w/ Greg Hatcher & John Stigerwalt

As penetration testers, we all have a need to establish command and control channels in our customer environments. This can be done under the guise of an “assumed compromise” context or in a more adversarial Red Team context. The age of endpoint detection and response (EDR) solutions and application whitelisting has created significant barriers to commodity/well known malware deployment for adversarial exercises. This class focuses on the demonstration of an Open Command Channel framework called “OpenC2RAT”, and then developing, enhancing, and deploying the “OpenC2RAT” command channel software into a target environment. Students will learn about the internal details of a command channel architecture and methods to deploy in an application-whitelisted context. The class will introduce students to blocks of code written in C#, GoLang, and Python to achieve these goals. In addition, the class will introduce some ideas to deploy existing shellcode such as Cobalt Strike Beacon or Meterpreter within a programmed wrapper to enhance success in the age of modern endpoint defense. Many of the techniques introduced in this class can be used to evade modern defensive technologies.

Antisyphon: Enterprise Attacker Emulation and C2 Implant Development w/ Joff Thyer

Many publications exist documenting ways to attack Wi-Fi networks. Still, the gap between old methods that have become obsolete and the current state and outdated tools can be frustrating for someone who wants to learn or even update his knowledge in this field. This course aims to learn the modern ways of assessing the security of Wi-Fi networks and how to apply these attacks against organizations during a Red Team engagement. Indeed, during this course, we will be able to start from the very beginning by talking about old, current, and new attacks and opportunities to allow attendees to fulfill their pentest or Red Team engagements in the future based on our recent experiences.

Syllabus

Introduction

Network introspection

Attacks and risks

Completion

Hackademy: Red Team Wi-Fi

Learn how to design, build and maintain your own C2 Framework codebase from scratch.  Build a RESTful API-driven Team Server, and a .NET Framework Implant with a variety of post-exploitation capabilities. Design and build Unit Tests to automatically test your code and prevent regression bugs.

Red Team Ops is an online, self-study course that teaches the basic principles, tools and techniques synonymous with red teaming. Students will first cover the core concepts of adversary simulation, command & control, engagement planning and reporting. They will then go through each stage of the attack lifecycle – from initial compromise to full domain takeover, data hunting and exfiltration.  Students will learn how common “OPSEC failures” can lead to detection by defenders, and how to carry out those attacks in a stealthier way. Finally, they will learn how to bypass defences such as Windows Defender, AMSI and AppLocker.