Tag: Pentest

As penetration testers, we all need to establish command and control channels in our customer environments. This can be done under the guise of an “assumed compromise” context or in a more adversarial Red Team context. The age of endpoint detection and response (EDR) solutions and application whitelisting has created significant barriers to deploying commodity or well-known malware in adversarial exercises. This class focuses on demonstrating an Open Command Channel framework called “OpenC2RAT”, and then developing, enhancing, and deploying the “OpenC2RAT” command channel software into a target environment. Students will learn about the internal details of a command channel architecture and methods to deploy it in an application-whitelisted context. The class will introduce students to blocks of code written in C#, GoLang, and Python to achieve these goals. In addition, the class will introduce some ideas for deploying existing shellcode such as Cobalt Strike Beacon or Meterpreter within a programmed wrapper to enhance success in the age of modern endpoint defense. Many of the techniques introduced in this class can be used to evade modern defensive technologies.

Antisyphon: Enterprise Attacker Emulation and C2 Implant Development w/ Joff Thyer

Many publications document ways to attack Wi-Fi networks. Still, the gap between old methods that have become obsolete, outdated tools, and the current state of the field can be frustrating for someone who wants to learn or update their knowledge. This course aims to teach the modern ways of assessing the security of Wi-Fi networks and how to apply these attacks against organizations during a Red Team engagement. The course starts from the very beginning, covering old, current, and new attacks and opportunities, so that attendees can carry out their future pentest or Red Team engagements based on our recent experiences.

Syllabus

Introduction

Network introspection

Attacks and risks

Completion

Hackademy: Red Team Wi-Fi

Learn how to design, build and maintain your own C2 Framework codebase from scratch. Build a RESTful API-driven Team Server, and a .NET Framework Implant with a variety of post-exploitation capabilities. Design and build Unit Tests to automatically test your code and prevent regression bugs.

Syllabus

Getting Started
Team Server
Agent
Testing
Final Code

C2 Development in C Sharp

Red Team Ops is an online, self-study course that teaches the basic principles, tools and techniques synonymous with red teaming. Students will first cover the core concepts of adversary simulation, command & control, engagement planning and reporting. They will then go through each stage of the attack lifecycle – from initial compromise to full domain takeover, data hunting and exfiltration. Students will learn how common “OPSEC failures” can lead to detection by defenders, and how to carry out those attacks in a stealthier way. Finally, they will learn how to bypass defences such as Windows Defender, AMSI and AppLocker.

Syllabus

Getting Started
Command & Control
External Reconnaissance
Initial Compromise
Host Reconnaissance
Host Persistence
Host Privilege Escalation
Host Persistence (Reprised)
Credential Theft
Password Cracking Tips & Tricks
Domain Reconnaissance
User Impersonation
Lateral Movement
Session Passing
Pivoting
Data Protection API
Kerberos
Active Directory Certificate Services
Group Policy
MS SQL Servers
Microsoft Configuration Manager
Domain Dominance
Forest & Domain Trusts
Local Administrator Password Solution
Microsoft Defender Antivirus
Application Whitelisting
Data Hunting & Exfiltration
Extending Cobalt Strike
Exam Preparation

Zero Point Security: Red Team Ops

The RedTeam Blueprint course from RedTeam Nation is a very special course for people who want to get started in Red Team, APT or penetration testing work. The course also teaches the basic topics of hacking and security in the operating system as well as the network, and is completely suitable for people who do not have any background. Partners of this institute are SANS, Offensive Security and Microsoft.

The Intrusion Operations course from FortyNorth Institute is advanced training in Red Team operations. FortyNorth Institute has focused all its attention on developing Red Team courses, and its courses have a high level of technical content. In this course, you start out exactly like a hacker who is targeting an organization, and the process continues until you gain access and enter the organization’s network. The course covers writing malicious, customized viruses to bypass antivirus and other defense technologies on the organization’s network (evasion), using whitelists to bypass restrictions, and advanced penetration testing of the target organization for final access.

Syllabus

  1. Introduction
  2. Command and Control Options
  3. Malleable Profiles
  4. Command and Control Configuration
  5. Aggressor Scripting
  6. OSINT
  7. Active Recon
  8. Phishing
  9. Application Whitelisting
  10. Antivirus Evasion
  11. EDR Evasion Overview
  12. Persistence
  13. Initial Access, Recon, and Lateral Movement
  14. Attacking the Cloud
  15. Finalizing the Assessment

FortyNorth – Intrusion Operations
