In-Depth Red Teaming: APT & Adversary Simulation
This is an on-demand, fully hands-on training that focuses on developing cyber weapons that can evade AV detection, EDR logs and forensic traces the way advanced targeted attacks do, and provides you with insights on how to improve your organization's overall detections and security posture.
About this course
$1,280.00 FREE
- 70 lessons
- 1 hour of video content
Top Takeaways From This Training
- This is a hands-on offensive training that focuses on helping organizations battle ever-growing targeted attacks and ransomware attacks by simulating their adversaries and putting their defenses and blue team to the test to improve the organization's security posture.
- Simulate a real APT attack given its TTPs and build your own malware to test your defenses (or clients' defenses) against completely new malware.
- Build your own Red Team infrastructure and secure it from being detected or blocked by the company's security team.
- Learn not just the techniques but how each technique works internally and how you can develop your own version of it.
Course curriculum
MODULE 00: Welcome & Intro
- Intro To The Training
- Training Prerequisites
MODULE 01: APT Attacks & Red Team Infrastructure on AWS
- Intro To APT Attacks
- Red Team Assessment Plan
- Build Your Red Team Infrastructure on AWS
- Installing Terraform
- Build Our Red Team Infrastructure on Terraform
- Labs & Slides
MODULE 02: Phishing & Social Engineering Mastery
- Step 01: Build Your Phishing Story
- Step 02: Register Your Smartly Chosen Domains
- Step 03: Craft Your First Phishing Campaign
- Step 04: Bypass 2FA With Evilginx2
- Labs & Slides
MODULE 03: Initial Access: Get your foot into the organization network
- Spearphishing With Malicious Files
- Spearphishing With Malicious Documents (Hands-on)
- Advanced VBA Macros Techniques (Hands-on)
- Simple Attack Payloads - Download and Execute
- Different Techniques of Initial Access
- Advanced Macros - COM Objects
- Advanced Macros - XSL Stylesheets
- Labs & Slides
MODULE 04: Write Your Own HTTP Malware
- C++ Programming Refresher - Memory & Variables
- C++ Programming Refresher - Conditional Jumps
- C++ Programming Refresher - Windows APIs
- Malware Development - Send a Request to C&C
- Malware Development - Encode Our Messages with Base64
- Malware Development - Send and Receive Messages
- Labs & Slides
MODULE 05: Implement a Plugin Framework in your Malware With Keylogger Plugin
- Malware Development - Execute C&C Commands
- Develop Your First Complete Malware
- Malware Plugin Framework - Load New Plugins Dynamically
- Malware Plugin Framework - Keylogger Plugin
- Labs & Slides
MODULE 06: Maintaining Persistence In-Depth (Advanced Techniques)
- Maintaining Persistence - Keep Your Malware Running after Restart
- Maintaining Persistence - Keep Your Malware Running after Restart Part 2
- Maintaining Persistence - Advanced Techniques
- Maintaining Persistence (Hands-on)
- Labs & Slides
MODULE 07: Rooting: Privilege Escalation Techniques
- Privilege Escalation - UAC Bypass
- Advanced Privilege Escalation Techniques
- Privilege Escalation and UAC Bypass (Hands-on)
- Privilege Escalation Tools - PowerSploit (Hands-on)
- Labs & Slides
MODULE 08: Malware Obfuscation: Bypass File Signature Scanning
- Defense Evasion - Strings Encryption (Hands-on)
- Defense Evasion - API Obfuscation (Hands-on)
- Defense Evasion - Bypass Signature based Tool Through Blending In
- Labs & Slides
MODULE 09: Network Obfuscation: Bypass IDS, IPS, NDR and Machine learning based tools
- Defense Evasion - Encrypt Your Traffic
- Defense Evasion - Encrypt Your Traffic with RC4 (Hands-on)
- Defense Evasion - Encrypt Your Traffic with RC4 Part 2 (Hands-on)
- Defense Evasion - HTML Smuggling
- Defense Evasion - HTML Smuggling (Hands-on)
- Labs & Slides
MODULE 10: Bypass EDRs & Behavioral-Based Detection
- Sandbox Bypassing and Process Injection
- How EDR works, Intro To API Hooking
- Bypassing EDR Technologies
- Bypassing EDR Technologies (Hands-on)
- AMSI Bypass (VBA and PowerShell Protections)
- Labs & Slides
MODULE 11: Impersonating Users: Credential Theft & Token Impersonation
- Authentication, Authorization & Logon Type
- Stealing Credentials From lsass.exe
- Bypassing lsass Protections
- Token Impersonation
- Token Impersonation (Hands-on)
- Domain Controller NTDS.dit Credential Theft (Hands-on)
- Labs & Slides
MODULE 12: Hack the Domain Controller Through Lateral Movements
- Active Directory Reconnaissance & Network Discovery
- Lateral Movement - NTLM Attacks & Kerberos Authentication
- Advanced Kerberos Attacks
- Labs & Slides