Learn to Expand Your Bag of Tricks
Relying on publicly available and stock tooling to leverage weaknesses in enterprise Windows environments to execute effective red team operations is becoming increasingly difficult. However, complex environments with custom applications and configurations often contain significant exploit potential attackers could utilize. Red team operators capable of taking advantage of these weaknesses can simulate more advanced adversaries and help organizations remove difficult to identify attack chains.
Vulnerability Research for Operators
In Adversary Tactics: Vulnerability Research for Operators, you will learn an operator-focused approach to find the vulnerabilities needed to escalate privileges, execute arbitrary code, or facilitate lateral movement in Windows environments. We will give you the methodology and identify tools to find these weaknesses during active operations, when costly lead time and dedicated lab environments are unavailable. This course covers the vulnerability classes that SpecterOps routinely finds on engagements and dives into their root causes, identification techniques, and exploitation methods.
- Introduction to Vulnerability Research
- Vulnerability Disclosure
- Target Identification
- Windows Access Control List (ACL) Abuses
- .NET Vulnerabilities
- Driver-Based Vulnerabilities
- Interprocess Communication (IPC)
- File & Protocol Handlers
- File System Bugs
- Path Canonicalization
The Adversary Tactics: Vulnerability Research for Operators course teaches the methodology and tools to find, triage, and leverage exploitable vulnerabilities on Windows systems in time-sensitive engagements. You will dive into the vulnerability classes that SpecterOps routinely finds in mature environments and practice methods of identification, triage, and exploitation. Finally, you will learn to make each vulnerability operational with hands-on exercises designed for various experience levels (from beginner to advanced). You don’t need to be an exploitation wizard to achieve success as a red team operator, but you will find the ability to quickly triage and operationalize concepts presented will increase your effectiveness when operating in mature environments.
Who Should Take This Course
This is an advanced course is intended for expert penetration testers, red team operators, or security professionals. This course is not for beginners and includes a hands-on execution of complex red team tradecraft, vulnerability identification, and exploitation.
Participants should be comfortable with penetration testing and red team concepts and tools, and generally familiar with Windows internals.
What Participants Should Bring
Participants must provide their own computer with a modern web browser installed to access training materials and complete the course’s labs. The SpecterOps training platform URL (https://specterops.training) must be accessible from the participant’s computer throughout the duration of the course.
There are no local virtual machines or special software required to fully participate in the course or labs.
During the course, participants will be provided access to a comprehensive range to perform course labs and goals.
Upon completion of the course, participants are provided with a copy of course slides, copies of solution guides/videos, and a certificate of completion.
See What Else We Have to Offer
If a public offering of the training classes does not fit your busy schedule, our team of experts are available to provide a private training offering to your organization. This is by far the best way for your team to get one on one access to the instructors and solidify the material. We provide all training material as well as laptops and classroom locations if needed.Private Trainings