Red Team Ops is an online, self-study course that teaches the basic principles, tools and techniques synonymous with red teaming. Students will first cover the core concepts of adversary simulation, command & control, engagement planning and reporting. They will then go through each stage of the attack lifecycle – from initial compromise to full domain takeover, data hunting and exfiltration. Students will learn how common “OPSEC failures” can lead to detection by defenders, and how to carry out those attacks in a stealthier way. Finally, they will learn how to bypass defences such as Windows Defender, AMSI and AppLocker.
Syllabus
- Getting Started
- Command & Control
- External Reconnaissance
- Initial Compromise
- Host Reconnaissance
- Host Persistence
- Host Privilege Escalation
- Host Persistence (Reprised)
- Credential Theft
- Password Cracking Tips & Tricks
- Domain Reconnaissance
- User Impersonation
- Lateral Movement
- Session Passing
- Pivoting
- Data Protection API
- Kerberos
- Active Directory Certificate Services
- Group Policy
- MS SQL Servers
- Microsoft Configuration Manager
- Domain Dominance
- Forest & Domain Trusts
- Local Administrator Password Solution
- Microsoft Defender Antivirus
- Application Whitelisting
- Data Hunting & Exfiltration
- Extending Cobalt Strike
- Exam Preparation
