Description: This red team class will cover various topics such as reconnaissance, initial access, post-exploitation, and more. However, the sheer volume of material covered in each step stymies a student’s ability to dive deeply into any particular topic. We’re changing that narrative with a course dedicated to Initial Access Operations. Initial Access Operations is designed to immerse you in multiple techniques that attackers (and red teams) use to gain initial access into a targeted environment. We’ll look at credential harvesting techniques attackers commonly use when enticing victims to authenticate into a malicious (web) application. Additionally, we’ll learn about browser-based attacks, which can provide unique opportunities for attackers to remain largely in memory. We’ll cover a large number of shellcode injection techniques that attackers use to get their code running in memory. Finally, we’ll discuss different ways to protect malicious code by only allowing it to run on the specific system(s) you are targeting. By the end of this course, you will be proficient in employing various methods of compromising targets and building your own malware.
Minimum Course Requirements & Prerequisites:
- You’ll need to bring a laptop that can connect to a wired or wireless internet connection.
- This course is very hands-on from a coding perspective. We will cover basic HTML and web programming, but also a large amount of C#/.NET and the Windows API. To get the most out of this course, we highly recommend that you have some coding experience.
Target Audience: This course is an excellent fit for offensive security professionals (pen testers, red teamers, etc.) interested in learning how to write effective malware that can help provide initial access for their assessments. Blue teamers who are looking to learn about various types of malware they may encounter on the job, and who want to understand how it works under the hood, would also be an excellent fit for this course.
Trainer Biographies:
- Christopher Truncer (@ChrisTruncer) is a co-founder and Offensive Security Lead with FortyNorth Security. He is a co-founder and current developer of the Veil-Framework, a project aimed at bridging the gap between advanced red team and penetration testing toolsets, EyeWitness, WMImplant, EDD, and many other tools. Chris began developing tools that are not only designed for the offensive community but can also enhance the defensive community’s ability to defend their network.
- Victor Suarez (@Gr1mmie) is an Offensive Security Engineer on FortyNorth Security’s offensive security and research team. He is an open source developer who has written tooling encompassing various aspects of a penetration test and red team operation, including situational awareness and persistence. Victor is involved not only with offensive operations, but also with detection engineering and threat hunting in an effort to better advise defenders.