“Red Teaming: Zero to Hero for Covert Entry” D. Probinsky, H. Flefel – 2 Day training
“Red Teaming: Zero to Hero for Covert Entry” takes you on an exhilarating journey through the intricacies of commercial defense systems. Starting from the basics of locks, doors, and digital access, you’ll dissect their vulnerabilities and learn how to exploit them strategically.
Imagine being in the shoes of an infiltrator – you’ll explore bypass techniques that navigate through interconnected security layers, honing your adversarial mindset. With hands-on lock-picking and targeted bypass challenges, you’ll crack the code of fundamental security mechanisms, setting the stage for more complex scenarios and immerse yourself in sophisticated environments.
The course includes multiple hands-on exercises, enabling participants to gain practical experience in bypassing controls through lock picking and targeted bypass maneuvers tailored to specific lock types. This tactile familiarity enhances the understanding of core security mechanisms, paving the way for an in-depth comprehension of complex systems and solutions, both from offensive and defensive standpoints. Throughout, an approach that treats each control as a puzzle encourages students to adopt an attacker’s perspective.
From acquiring hands-on lockpicking and bypassing skills to crafting and deploying rogue devices, students will navigate the intricate world of physical security. Exploring the realm of WiFi hacking, they’ll uncover vulnerabilities and learn to infiltrate wireless networks. Building on this foundation, the training delves into the psychology of social engineering and equips students with strategies to manipulate human behavior effectively. With an emphasis on practical application, attendees will also gain insights into building a Command and Control server, enabling them to orchestrate and manage sophisticated attacks with rogue devices.
Progressing through the course, additional security vulnerabilities are unveiled alongside the introduction of more intricate scenarios. Culminating in a comprehensive audit process, the curriculum covers the utilization of diverse information sources to strategize an attack, capitalize on specific controls, and place these concepts within the context of physical red teaming or penetration testing.
Upon completion of the course, students will possess a robust arsenal of technical skills designed to fortify personal assets and bolster commercial security. The curriculum empowers graduates with expertise encompassing:
- Advanced mastery of diverse physical security systems and controls.
- Proficiency in identifying and exploiting potential physical vulnerabilities.
- Tactical execution of lockpicking and lock bypassing techniques.
- Strategic planning of audits and penetration testing strategies.
- Aptitude in crafting and deploying rogue devices for covert access.
- Building a Command and Control server for remote access to rogue devices
- Skillful manipulation of RFID and Access Control systems.
- Application of Social Engineering tactics to infiltrate targeted environments.
- Expertise in infiltrating WiFi networks for covert entry.
- In-depth comprehension of responsible hacking practices and ethical considerations.
- Adeptness in physical red teaming exercises, showcasing a comprehensive skill set.
Student Skill Level Requirement: Intermediate
Prospective participants are expected to meet the following skill prerequisites:
- A foundational grasp of networking fundamentals, protocols and ports.
- A foundational grasp of Command & Controls
- Familiarity with various operating systems, both Windows and Linux.
- Basic knowledge of hacking methodologies and concepts.
- Proficiency in problem-solving and critical thinking, with a knack for analytical reasoning.
- An intrinsic curiosity to delve into the intricate realm of physical security.
- A commitment to responsible and ethical hacking practices.
- Capable of executing basic hacking techniques.
- Ability to adapt and learn in a fast-paced, evolving environment.
- Hand-Eye coordination skills for manipulating small tools, such as lockpicking instruments.
- Enthusiasm for continuous learning and pushing technical boundaries.
- A foundational understanding of wireless networking protocols (e.g., Wi-Fi, WPA, WPA2)
- Readiness for Command Line Usage
Requirements for students to bring to the Training:
No prerequisites are required other than a laptop. Students can bring their own tools and gear.
Henry Flefel has over a decade of official experience accumulating and sharing knowledge about virtual and physical security focusing on information technology. He works as the Red Team Lead for a consulting firm, helping a wide range of clients on efficacy of security controls and their implementation. He has provided training and talks to non-technical crowds, in-training and experienced alike, in both English and Spanish (e.g.: CELAES, Panama & The Florida Bar, USA). He has obtained certifications like Security+ as well as co-authoring the Official CompTIA Pentest+ Study Guide for its penetration testing certification.
David Probinsky is a highly skilled professional who specializes in the art of surreptitiously entering all sorts of places, from digital networks to physical premises, in order to find vulnerabilities and loopholes that could be exploited by malicious actors.