برچسب: Red Team

The course introduces students to exploit development in MIPS processor architecture. Exploit development on MIPS processor hasn’t seen the attention that other architectures such as x86 and ARM got. With the growing IoT devices, we have been seeing many embedded devices with MIPS architecture alongside ARM. Exploit development is getting harder and harder with exploit mitigation techniques in place. But, the good news is that it is not impossible to write working exploits as exploit mitigation techniques do not fix the underlying problem in the vulnerable source code. This practical training starts with the basics of MIPS Architecture and slowly moves towards writing own shell code and creating working exploits using Return Oriented Programming for a given target binary. To give a sense of real exploitation, real world examples will be discussed with proof of concept exploits. By the end of this training, students will be able to write Memory corruption exploits for MIPS architecture, understand how Return Oriented Programming can be used in MIPS for modern day exploit development and bypass some of the most common exploit mitigation techniques such as ASLR.

دانلود دوره

MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. Further details on the MITRE ATT&CK® framework can be found at https://attack.mitre.org/ Our red team operations tooling courses map to the MITRE ATT&CK® matrix tactics, techniques, and procedures. Each course focuses on the use of a specific industry-standard, generally open source, tool to carry out adversary emulation. Knowing what a tool is and how it can perform a specific task, will ultimately lend to your ability as an organization or an individual to detect and defend against specific attack vectors.

دانلود دوره

This intense course covers the skills required to conduct a simulation of a sophisticated adversary, including the latest tradecraft and offensive tactics. During the training you will gain insight in to planning and conducting a red team operation including all the steps required to perform efficient opensource intelligence, design and automate the deployment of operational infrastructure, gain initial access and perform post-exploitation and lateral movement. You will learn how to bypass defensive controls including anti-virus, EDR, AMSI and application whitelisting that will leave you equipped to target even the most mature environments.

دانلود دوره

The Red Team & Operational Security course is designed to help the candidates build the capabilities to simulate a modern adversary. This course will take you through the different stages of an Attacker killchain. You will initially learn to build your own Attack Infrastructure Setup in AWS, Azure or GCP using various Open Source and Commercial Command & Control Systems. After configuring the C2, you will learn to hide your C2 with Domain fronting and Redirectors and modifying the C2 Artefacts such as hiding your stage artefacts and identifying Cloud based Sandboxes and learn to build different types of initial access implants in Word, Excel, HTA and MSI using Open Source Tools and building some part of the code in-house in order to avoid EDR and Network-based Detections.

After gaining the initial access, you will be given access to Active Directory Domain Enviornment Lab on the cloud where you will first execute your initial access implant and gain access to a host. From thereon, you will perform different types of local and Active Directory enumeration to further escalate your privileges to an Enterprise Administrator. These attacks will use but not limited to understanding the Active Directory environment, Kerberos, domain enumeration with open source tools, Brute Ratel post exploitation toolkit and LDAP Queries, exploiting domain service misconfigurations such as unconstrained and constrainged delegations, certificate abuse and more.

دانلود دوره

SEC564 course is designed to immerse students in the tactics, techniques, and procedures (TTPs) used by modern adversaries. By understanding the mindset and strategies of attackers, participants will learn how to conduct sophisticated penetration tests, simulate real-world attacks, and assess the security posture of organizations from a threat actor’s perspective. This course covers advanced topics in threat emulation, including attack simulations, red team engagements, and developing countermeasures to thwart malicious activities. By the end of the course, students will be adept at identifying vulnerabilities, exploiting weaknesses, and enhancing overall security resilience.
دانلود دوره

So you popped a shell, now what? Windows Post Exploitation focuses on four major components of any adversary simulation or red team exercise: enumeration, persistence, privilege escalation, and lateral movement. Each of these steps will be covered in detail with hands-on labs in a custom Active Directory environment. In addition, students will learn several modern techniques to minimize opportunities for detection. This course goes beyond teaching popular tactics, techniques, and procedures. Instead, students will learn how to covertly gather and leverage information about a target environment to achieve their objectives efficiently. A review of each post-ex capability will include discussion on the OPSEC implications and publicly documented detection recommendations. Open-source SIEM rules from Sigma and Elastic will be used as a starting point for avoiding alert generation. No technique is undetectable; the key is understanding an environment’s detection capabilities and choosing the best course of action.

Antisyphon: Windows Post Exploitation w/ Kyle Avery

دانلود دوره