
Advanced Threat Emulation: Red Teams

Course Summary

Red teaming aims to stress an organization’s defensive posture and provides a snapshot of how they will perform against day-to-day threats. Modern enterprises leverage a Red Team exercise to identify areas of weakness within their organization. These types of exercises are only as good as the real-world threats they are designed to emulate. This is why careful planning is essential to any successful Red Team operation. This course will teach the process and methodology of planning and executing a Red Team engagement. Students will learn to ingest Open-Source Intelligence (OSINT) to replicate adversary Tactics, Techniques, and Procedures (TTPs) and provide effective feedback to Blue Teams.

Students will begin by analyzing a representative organization to identify core objectives for an engagement and negotiate Rules of Engagement (ROE). Next, they will construct tailored emulation plans to meet their customer objectives and build a secure cloud-based Red Team infrastructure for executing against the lab-hosted enterprise network. In addition to exploring TTPs most commonly employed by APTs, this course teaches the basics behind Red Team campaign planning, team coordination, and executing Command and Control (C2) implants utilized in coordinated multi-operator engagements.


Course Objectives

Understand how to develop and execute a Red Team campaign plan

Build secure Red Team infrastructure

Understand how to exploit Windows attack surfaces

Learn to conduct Open-Source Intelligence (OSINT) and reconnaissance on a target

Learn how to perform an initial compromise of enterprise networks

Learn how to execute Host and Network Enumeration

Learn how to leverage and exploit system misconfigurations

Understand how to leverage built-in system tools for lateral network communication

Determine the network and host-based Indicators of Compromise (IOC)

Effectively communicate assessment feedback to defenders


Example Course Schedule (4-day)

Day 1:

Introduction to Red Teaming

Attack Frameworks and Methodologies

Windows Attack Surfaces

Overview of Post Exploitation Frameworks

Day 2:

Red Team Campaign Planning

Open Source Intelligence (OSINT) & Reconnaissance

Establishing and Building Secure Red Team Infrastructure

Day 3:

Initial Compromise and Access

Maintaining Access and Network Persistence

Host and Network Enumeration

Privilege Escalation Methods

Day 4:

Lateral Movements and Pivots

Indicators of Compromise (IOC)

Effective Defender Feedback and Report Generation


Upcoming Courses

05 Aug 2023

BlackHat USA (Virtual)

Advanced Threat Emulation: Red Teams