Tag: Red Team

As penetration testers, we all have a need to establish command and control channels in our customer environments. This can be done under the guise of an “assumed compromise” context or in a more adversarial Red Team context. The age of endpoint detection and response (EDR) solutions and application whitelisting has created significant barriers to deploying commodity/well-known malware for adversarial exercises. This class focuses on a demonstration of an Open Command Channel framework called “OpenC2RAT”, and then on developing, enhancing, and deploying the “OpenC2RAT” command channel software into a target environment. Students will learn the internal details of a command channel architecture and methods for deploying it in an application-whitelisted context. The class will introduce students to blocks of code written in C#, GoLang, and Python to achieve these goals. In addition, the class will introduce some ideas for deploying existing shellcode, such as Cobalt Strike Beacon or Meterpreter, within a programmed wrapper to improve success against modern endpoint defenses. Many of the techniques introduced in this class can be used to evade modern defensive technologies.

Antisyphon: Enterprise Attacker Emulation and C2 Implant Development w/ Joff Thyer


This is an advanced course that focuses on setting up secure and resilient C2 infrastructure using Azure/AWS, creating custom Cobalt Strike profiles, and hunting for Active Directory Certificate Services misconfigurations in mature enterprise environments. Learn current post-exploitation techniques that White Knight Labs (WKL) has used during real-life engagements to dump credentials, move laterally, escalate to Domain Admin, and capture the client’s crown jewels. We will cover EDR bypass briefly, but AV/EDR bypass will be assumed knowledge for this course. Although this course is designed as a deep dive into hunting for ADCS misconfigurations and setting up C2 infrastructure, an apex attacker must also know the indicators of compromise (IOCs) they are creating and the artifacts they are leaving behind. On the second day, students will be led through a real-life red team operation.

Syllabus

Day 1: Red Team Fundamentals
  • Cobalt Strike/Guacamole walkthrough
  • Terraform for infrastructure automation
  • Redirectors and CDNs
  • Custom malleable C2 profile
  • Protecting your C2 server (mod rewrite and proxy pass)
  • Touch and go AV/EDR Bypasses
Day 2: Red Team Operation Attack Paths
  • Advanced payload creation
  • Windows lateral movement
    • SOCKS proxies
    • Service controller
    • WMI
    • COM/DCOM
  • Abusing AD misconfigurations via C2 channels (ADCS)
  • Advanced credential dumping techniques
  • SQL misconfigurations for lateral movement and code execution

Antisyphon: Advanced Red Team Operations


Learn how to design, build and maintain your own C2 framework codebase from scratch. Build a RESTful API-driven Team Server and a .NET Framework implant with a variety of post-exploitation capabilities. Design and build unit tests to automatically test your code and prevent regression bugs.

Syllabus

Getting Started
Team Server
Agent
Testing
Final Code

C2 Development in C Sharp


Red Team Ops is an online, self-study course that teaches the basic principles, tools and techniques synonymous with red teaming. Students will first cover the core concepts of adversary simulation, command & control, engagement planning and reporting. They will then go through each stage of the attack lifecycle, from initial compromise to full domain takeover, data hunting and exfiltration. Students will learn how common “OPSEC failures” can lead to detection by defenders, and how to carry out those attacks in a stealthier way. Finally, they will learn how to bypass defences such as Windows Defender, AMSI and AppLocker.

Syllabus

Getting Started
Command & Control
External Reconnaissance
Initial Compromise
Host Reconnaissance
Host Persistence
Host Privilege Escalation
Host Persistence (Reprised)
Credential Theft
Password Cracking Tips & Tricks
Domain Reconnaissance
User Impersonation
Lateral Movement
Session Passing
Pivoting
Data Protection API
Kerberos
Active Directory Certificate Services
Group Policy
MS SQL Servers
Microsoft Configuration Manager
Domain Dominance
Forest & Domain Trusts
Local Administrator Password Solution
Microsoft Defender Antivirus
Application Whitelisting
Data Hunting & Exfiltration
Extending Cobalt Strike
Exam Preparation

Zero Point Security: Red Team Ops


The Certified Red Team Analyst [CCRTA] course from the cyberwarfare institute is Red Team-style hacking and security training for beginners. This is a hands-on training course specifically designed for beginners interested in Red Teaming operations.

Syllabus

Introduction to Red Teaming

Red Team Lab setup

External Offensive Operations

Internal Offensive Operations

CWL: Red Team Analyst [CRTA]


This is an on-demand, fully hands-on training that focuses on developing cyber weapons that can evade AV detection, EDR logs and forensic traces, as advanced targeted attacks do, and provides you with insights on how to improve your organization’s overall detection and security posture.

Syllabus

MODULE 00: Welcome & Intro

MODULE 01: APT Attacks & Red Team Infrastructure on AWS

MODULE 02: Phishing & Social Engineering Mastery

MODULE 03: Initial Access: Get your foot into the organization network

MODULE 04: Write Your Own HTTP Malware

MODULE 05: Implement a Plugin Framework in your Malware With Keylogger Plugin

In-Depth Red Teaming: APT & Adversary Simulation
