SecurityBSides Trainings
Course Description
Adversary Tactics: Red Team Operations immerses participants in a single simulated enterprise environment, with multiple networks, hardened endpoints, modern defenses, and active network defenders responding to red team activities. We will focus on in-depth attacker tradecraft for post-initial access; breaking out of the beachhead, establishing resilient command and control (C2) infrastructure, gaining situational awareness through OPSEC-aware host and network enumerations, performing advanced lateral movement and sophisticated Active Directory escalation, gaining persistence (userland, elevated, and domain flavors), and performing advanced Kerberos attacks, data mining, and exfiltration. All while focusing on the importance of “offense-in-depth,” the ability to rapidly adapt to defensive mitigations and responses with a variety of offensive tactics and techniques.
Come learn to use some of the most well-known offensive tools from the authors themselves, including co-creators and developers of PowerView, PowerShell Empire, Covenant, Mythic, Rubeus, GhostPack, and BloodHound.
Prerequisite
- be able to read simple C++ code and simple scripts
- be familiar with writing basic scripts using python/ruby/…
- be ready to dive into a debugger and read asm for hours and hours and hours
- be ready to think out of the box and have a strong desire to learn
- be fluent with managing Windows / Linux operating system and with using vmware workstation/virtualbox
- be familiar with using Metasploit (msfconsole, msfvenom, meterpreter)