introduction
Learn to Be Your Organization’s Own Worst Enemy
Organizations rely on red team operations to exercise their cyber security defensive capabilities and continually hone and strengthen security posture. As defenses evolve, however, it can be tough for red teams to stay ahead and provide that much-needed adversary training for blue teams to practice against. What’s a red teamer to do? How can one keep up with the near-daily changing industry? Adversary Tactics: Red Team Operations training courses help close that gap for red teamers, providing practical tradecraft for operators to use on their next test and guidance for how to maintain that edge over time.
training course summary
Red Team Operations
Upgrade your red team tradecraft with cutting-edge adversary Tactics, Techniques, and Procedures (TTPs) used by attackers in real-world breaches. This red team training course will teach participants how to infiltrate networks, gather intelligence, and covertly persist to simulate advanced adversaries. Participants will use the skillsets taught in this training course to go up against incident response in a complex lab environment designed to mimic an enterprise network. As a Red Team Operator, you’ll learn to adapt and overcome active response operations through collaborative feedback as the course progresses.
Day 1
- Red Teams Introduction & Course Overview
- Lab and course range infrastructure
- Red Team Operations
- Attack Infrastructure
- Host Situational Awareness
- PowerShell Weaponization
- Privilege Escalation
Day 2
- Red Teams Introduction to Hunting
- Credential Abuse
- AD Situational Awareness
- Payload Methodology
- Pivoting and Lateral Movement
- SQL Abuse
Day 3
- OPSEC Considerations for Red Teams
- Domain Trusts
- Kerberos
- Golden Tickets
- Silver Tickets and Forged Ticket Detection
Day 4
- Visualizing Adversary Attack Paths with BloodHound
- DPAPI
- Kerberos Delegation Abuse
- CTF and capstone conclusion
- Lab Debrief
- Defensive Debrief
Overview: Red Team Operations
Adversary Tactics: Red Team Operations training immerses participants in a single simulated enterprise environment, with multiple networks, hardened endpoints, modern defenses, and active network defenders responding to red team activities. In these Red Team training courses, we will focus on in-depth attacker tradecraft for post-initial access; breaking out of the beachhead, establishing resilient command and control (C2) infrastructure, gaining situational awareness through OPSEC-aware host and network enumerations, performing advanced lateral movement and sophisticated Active Directory escalation, gaining persistence (userland, elevated, and domain flavors), and performing advanced Kerberos attacks, data mining, and exfiltration. All while focusing on the importance of “offense-in-depth,” the ability to rapidly adapt to defensive mitigations and responses with a variety of offensive tactics and techniques.
Come learn to use some of the most well-known offensive tools in cyber security from the authors themselves, including co-creators and developers of PowerView, PowerShell Empire, Covenant, Mythic, Rubeus, GhostPack, and BloodHound.
Training Participants
Who Should Take This Training Course
This Red Team training course is not intended for beginners and includes a team-based, on-keyboard execution of a simulated red team engagement in a complex network scenario.
OUR ECOSYSTEM
Other Adversary Tactics Training We Offer
Private Training
If a public offering of the training classes does not fit your busy schedule, our team of experts are available to provide a private training offering to your organization. This is by far the best way for your team to get one on one access to the instructors and solidify the material. We provide all training material as well as laptops and classroom locations if needed.
SO Con Register
Sign up for SO-CON updates for the latest information: