Adversary Tactics: Red Team Operations 2025

Adversary Tactics: Red Team Operations​

Learn to Be Your Organization’s Own Worst Enemy​

Organizations rely on red team operations to exercise their cyber security defensive capabilities and continually hone and strengthen security posture. As defenses evolve, however, it can be tough for red teams to stay ahead and provide that much-needed adversary training for blue teams to practice against. What’s a red teamer to do? How can one keep up with the near-daily changing industry? Adversary Tactics: Red Team Operations training courses help close that gap for red teamers, providing practical tradecraft for operators to use on their next test and guidance for how to maintain that edge over time.

Red Team Operations​

Upgrade your red team tradecraft with cutting-edge adversary Tactics, Techniques, and Procedures (TTPs) used by attackers in real-world breaches. This red team training course will teach participants how to infiltrate networks, gather intelligence, and covertly persist to simulate advanced adversaries. Participants will use the skillsets taught in this training course to go up against incident response in a complex lab environment designed to mimic an enterprise network. As a Red Team Operator, you’ll learn to adapt and overcome active response operations through collaborative feedback as the course progresses.

Day 1​

• Red Teams Introduction & Course Overview
• Lab and course range infrastructure
• Red Team Operations
• Attack Infrastructure
• Host Situational Awareness
• PowerShell Weaponization
• Privilege Escalation

Day 2​

• Red Teams Introduction to Hunting
• Credential Abuse
• AD Situational Awareness
• Payload Methodology
• Pivoting and Lateral Movement
• SQL Abuse

Day 3​

• OPSEC Considerations for Red Teams
• Domain Trusts
• Kerberos
• Golden Tickets
• Silver Tickets and Forged Ticket Detection

Day 4​

• Visualizing Adversary Attack Paths with BloodHound
• DPAPI
• Kerberos Delegation Abuse
• CTF and capstone conclusion
• Lab Debrief
• Defensive Debrief

Overview: Red Team Operations​

Adversary Tactics: Red Team Operations training immerses participants in a single simulated enterprise environment, with multiple networks, hardened endpoints, modern defenses, and active network defenders responding to red team activities. In these Red Team training courses, we will focus on in-depth attacker tradecraft for post-initial access; breaking out of the beachhead, establishing resilient command and control (C2) infrastructure, gaining situational awareness through OPSEC-aware host and network enumerations, performing advanced lateral movement and sophisticated Active Directory escalation, gaining persistence (userland, elevated, and domain flavors), and performing advanced Kerberos attacks, data mining, and exfiltration. All while focusing on the importance of “offense-in-depth,” the ability to rapidly adapt to defensive mitigations and responses with a variety of offensive tactics and techniques.

Come learn to use some of the most well-known offensive tools in cyber security from the authors themselves, including co-creators and developers of PowerView, PowerShell Empire, Covenant, Mythic, Rubeus, GhostPack, and BloodHound.

---

---