Join SpecterOps in Las Vegas to Learn How to Stay Ahead of Targeted Attacks

Dig into Active Directory! This course will help you roll up your sleeves and get hands-on with Active Directory, enabling participants to gather answers directly when questions surrounding their organization’s AD architecture arise in the future. Learn Active Directory components and not only how they work together but also how they can work against your organization’s security posture.

Register Now

Dig into Active Directory! This course will help you roll up your sleeves and get hands-on with Active Directory, enabling participants to gather answers directly when questions surrounding their organization’s AD architecture arise in the future. Learn Active Directory components and not only how they work together but also how they can work against your organization’s security posture.

Register Now

In Adversary Tactics: Vulnerability Research for Operators, you will learn an operator-focused approach to find the vulnerabilities needed to escalate privileges, execute arbitrary code, or facilitate lateral movement in Windows environments. We will give you the methodology and identify tools to find these weaknesses during active operations, when costly lead time and dedicated lab environments are unavailable. This course covers the vulnerability classes that SpecterOps routinely finds on engagements and dives into their root causes, identification techniques, and exploitation methods. Finally, you will learn to make each vulnerability operational with hands-on exercises designed for various experience levels (from beginner to advanced). You don’t need to be an exploitation wizard to achieve success as a red team operator, but you will find the ability to quickly triage and operationalize concepts presented will increase your effectiveness when operating in mature environments.

Register Now

In Adversary Tactics: Vulnerability Research for Operators, you will learn an operator-focused approach to find the vulnerabilities needed to escalate privileges, execute arbitrary code, or facilitate lateral movement in Windows environments. We will give you the methodology and identify tools to find these weaknesses during active operations, when costly lead time and dedicated lab environments are unavailable. This course covers the vulnerability classes that SpecterOps routinely finds on engagements and dives into their root causes, identification techniques, and exploitation methods. Finally, you will learn to make each vulnerability operational with hands-on exercises designed for various experience levels (from beginner to advanced). You don’t need to be an exploitation wizard to achieve success as a red team operator, but you will find the ability to quickly triage and operationalize concepts presented will increase your effectiveness when operating in mature environments.

Register Now

The Adversary Tactics: macOS Tradecraft course drops you into a modern macOS hybrid environment which mimics what SpecterOps operators encounter in real world red team exercises. Students will focus on macOS payloads for initial access, crafting custom techniques on the fly via JXA and Objective C, identifying persistence and privilege escalation opportunities, stealing credentials, and avoiding common EDR detections via XPC services and native APIs. The course aims to teach students about the consequences of their actions and the details behind their techniques rather than just how to run common tooling.

Register Now

In Adversary Tactics: Tradecraft Analysis, we will present and apply a general tradecraft analysis methodology for offensive TTPs, focused on Windows components. We will discuss Windows attack techniques and learn to deconstruct how they work underneath the hood. For various techniques, we will identify the layers of telemetry sources and learn to understand potential detection choke points. Finally, the course will culminate with students creating their own technique evasion and detection strategy. You will be able to use the knowledge gained to both use your telemetry to create robust detection coverage across your organization, and truly assess the efficacy of that coverage.

Register Now

This course builds on standard network defense and incident response (which often focuses on alerting for known malware signatures) by focusing on abnormal behaviors and the use of adversary Tactics, Techniques, and Procedures (TTPs). We will teach you how to engineer detections based on attacker TTPs to perform threat hunting operations and detect attacker activity. In addition, you will learn use utilize free and/or open source data collection and analysis tools (such as Sysmon, Windows Event Logs, and ELK) to analyze large amounts of host information and build detections for malicious activity. You will use the techniques and toolsets you learn to create threat hunting hypotheses and build robust detections in a simulated enterprise network undergoing active compromise from various types of threat actors.

Register Now

This intense course immerses students in a single simulated enterprise environment, with multiple networks, hardened endpoints, modern defenses, and active network defenders responding to red team activities. We will focus on in-depth attacker tradecraft post-initial access; braking out of the beachhead, establishing resilient command and control (C2) infrastructure, gain situational awareness through opsec aware host and network enumerations, perform advanced lateral movement and sophisticated Active Directory escalation, gain persistence (userland, elevated, and domain flavors), and perform advanced Kerberos attacks, data mining, and exfiltration.

Register Now