An objective-driven assessment, designed to evaluate the effectiveness of your operational security measures against multiple attack vectors.
A red team engagement evaluates your capability to respond to an active breach. With our guidance, you will hone your defensive capabilities in a “live fire” exercise.
Your team has expertise and an internal understanding of your network environment. But an external view of your network, using current adversary technology and tactics, is an essential component of a strong defensive security posture.
The SpecterOps team has years of experience conducting adversary simulation exercises. Our projects across numerous enterprise customers keep us at the leading edge of the latest adversary Tactics, Techniques, and Procedures. Our penetration tests and red team activities apply those methodologies in your environment to effectively identify gaps so they can be addressed.
Leveraging our deep experience from conducting hundreds of adversary simulation exercises, SpecterOps gives you the capabilities to conduct effective red team operations. This course explores the foundation of Red Teaming and how to simulate advanced threat actors, providing defensive staff with visibility into how an adversary would maneuver against them.
Red team operators have enjoyed robust community and commercial tooling to simulate advanced adversary tradecraft in traditional enterprise environments. As organizations have increasingly moved to hybrid, or non-Windows, environments, our red team community knowledge has not kept pace. This course focuses on bridging that gap, highlighting the latest macOS security enhancements, and arming red teamers with the foundational knowledge to operate against macOS endpoints. The objective is to dive deep into the concepts behind techniques to enable operational flexibility and prepare for future macOS enhancements, rather than simply training with specific available tooling.
Your organization has just implemented the leading detection and response products. Are they running with their default configuration? How much faith should you have in your ability to detect sophisticated attacks? How would you simulate attacks to ensure robust detections are in place? This course will teach the importance of understanding the inner workings of attack techniques and telemetry availability and provide a workflow for developing robust detection analytics or data-driven evasion decisions. Focusing on various Windows components and attacker TTPs, you will dive deep into how software abstracts underlying capabilities and how attackers can interact with deeper layers to bypass superficial detection capabilities.
Relying on publicly available and stock tooling to leverage weaknesses in enterprise Windows environments to execute effective red team operations is becoming increasingly difficult. However, complex environments, with custom applications and configurations, often contain significant exploit potential that attackers could utilize. Red team operators capable of taking advantage of these weaknesses can simulate more advanced adversaries and help organizations remove difficult-to-identify attack chains. This course teaches the methodology and tools to find, triage, and utilize exploitable vulnerabilities on Windows systems in time-sensitive engagements. You will dive into the vulnerability classes that SpecterOps routinely finds in mature environments and practice methods of identification, triage, and exploitation.