Windows Internals Red Team Operator [CWI-RTO] Course

The Windows Internals Red Team Operator [CWI-RTO] lab offered by cyberwarfare.live is a comprehensive, hands-on learning environment designed to provide real-world experience in Microsoft Windows Internals. In this lab, you will explore common Win32/NT APIs used by malware and understand how malware abuses internals from a user-mode perspective. You will work through various challenges and exercises to learn Windows Internals. You will also learn different kernel data structures (EPROCESS, ETHREAD, KPCR, etc.) through WinDbg.

Syllabus

Learn about Interrupts and Exceptions

Object Security (Token, SID, etc.)

Objects and handles

Simulate Red Team Cycle in Endpoint

Process and thread internals

Portable Executable Basics

System Calls

Develop Malware & Simulate Adversaries
