The Windows Internals Red Team Operator [CWI-RTO] lab offered by cyberwarfare.live is a comprehensive, hands-on learning environment designed to provide real-world experience in Microsoft Windows Internals. In this lab, you will unveil common Win32/NT APIs used by malwares and understand how malwares abuse internals from a user-mode perspective. You will perform various challenges/exercises to learn Windows Internals. You will also learn different kernel data structures (EPROCES, ETHREAD, KPCR etc.) through Windbg.
Syllabus
Learn about Interrupts and Exception
Object Security (Token, SID, etc)
Object and handles
Simulate Red Team Cycle in Endpoint
Process and thread internals
Portable Executable Basics
System Calls
Develop Malwares & Simulate Adversaries
نظرات کاربران
Comments: 0