< NULLCON 2024 - BANGALORE />

About The Training


< Training Title />

StealthOps: Red Team Operations 24 Edition

< Training Schedule />

Start Date: Nov 07, 2024

End Date: Nov 09, 2024

< Training Objectives />

Apex threat actors with advanced capabilities, such as leveraging in-memory implants, writing custom code to evade AVs and EDRs, moving laterally with custom tools, and evading host- and network-level security solutions for stealth, are constantly consolidating their attack techniques (and tactics) against defensive teams.

To strengthen enterprise-grade security, the training is designed for penetration testers, Red Teams, and Blue Team members to understand different tactics, techniques, and attacks used by adversaries.

< Training Level />

Basic - Intermediate

< Training Outlines />

Module 1: Red Team Resource Development

  • Red Team Infrastructure Development 
    • C2
    • Redirector
    • Payload Server
  • Cloud & Automation
    • AWS & Azure Cloud
    • Private access to Red Team Automation Framework
  • Initial Access Security Controls
  • Initial Access Defense Evasion Techniques
    • HTML/SVG Smuggling
    • RTLO Demonstration
  • Working Initial Access Vectors
    • .NET <3 Serialization with Initial Access TTP [1 Exercise]
    • Backdooring MSIs [1 Exercise]
    • De-Chained .LNK TTP [1 Exercise]
    • Leveraging ClickOnce [1 Exercise] 

Module 2: Tradecraft Development for Offensive Operations

  • APT29 Initial Access Tradecraft
  • CSharp Essentials [4 Hands-on Labs]
  • Offensive C# Trade-Craft [3 Hands-on Labs]
  • Windows API Essentials
  • Utilizing Windows API for Red Team Profit [3 Hands-on Labs]

Module 3: Host, Network & Cloud-Based Attacks

  • Host-Based:
    • AMSI, CLM, Script Block Logging, ASR Rules Bypasses [1 Lab Each]
    • Fileless UAC Bypass [1 Lab]
    • Application Whitelisting: Applocker, MDAC
    • Credential Access
      • Browser based:
        • Chrome & Firefox [1 Lab Each]
      • Windows based:
        • PS-Readline Module
        • Custom C# Dumper
        • Bonus Access to private credential dumper tool
  • Network-Based
    • 5 Ways of Abusing Cross-Forest Trust
      • Foreign Security Principals (FSPs)
      • Trust Keys Abuse
      • Over-Permissible Active Directory Certificate Template
      • Privileged Access Management (PAM)
      • Kerberoasting
  • Cloud-Based:
    • Primary Refresh Tokens (PRT) Abuse
    • Password Hash Sync (PHS) Abuse
    • Golden SAML Attack
    • OAuth Device Code
    • On-Premise to Cloud Lateral Movement Case Study

Module 4 (Contd.)

  • Introduction to Telemetry Collection
  • ETW & EDR's Basics
  • ETW Patching [1 Lab Each]
  • AMSI + ETW Patching [1 Lab Each]
  • General Evasion Areas [4 Exercises]
    • Native APIs
    • Unhooking by Patching
    • DLL Unhooking
    • Direct Syscalls

*Candidates will get full 7 days of lab access with write-ups after the training, which comes with technical support.

< WHAT TO BRING? />

  • A system with at least 16 GB RAM and VMware Workstation Pro installed
  • Attacker Linux box [Parrot/Kali] with internet connectivity
  • Updated Web Browser

(The team will share the customized StealthOps VM one week before the training date.)

< Training PREREQUISITE />

  • Comfortable with a command-line environment
  • Fair knowledge of penetration testing methodology
  • An Open Mind :)

< WHO SHOULD ATTEND? />

  • Penetration Testers / Red Teams / Security Consultants
  • System Administrators
  • Malware Developers
  • SOC analysts
  • Threat Hunting Team
  • Last but not least, anyone interested in strengthening their offensive and detection capabilities

< WHAT TO EXPECT? />

  • This training helps enhance the visibility of enterprise security controls in the organization.
  • The training will brief attendees on the tactics, techniques, procedures, and tools of threat groups: how stealthily they operate, and how they circumvent the security mechanisms employed in a patched and monitored environment.
  • Candidates will gain enhanced threat visibility capabilities across host and network on Windows and Linux environments, and for lateral movement to cloud environments.
  • Candidates will get to know how NOT to configure enterprise security controls.

< WHAT ATTENDEES WILL GET? />

  • Candidates will get 7 days of lab access (accessible 24x7) with write-ups after the training, which comes with technical support.
  • Premium materials (Training Materials)
  • Private access to Red Team Automation Framework + Credential Dumping Tool

< WHAT NOT TO EXPECT? />

  • 0-days
  • Private security control flaws
  • Students are expected to keep pace with the exercises as taught by the trainer, to save time

< About the Trainer />

Manish Gupta is Director of CyberWarFare Labs with 7.5+ years of expertise in offensive information security. Previously he worked as a red team operator and team lead at MNCs such as Microsoft, Grab, and Citrix. He specializes in red teaming activities in enterprise environments, including on-premise and multi-cloud. His research interests include real-world cyber attack simulation and Advanced Persistent Threats (APT). He has previously presented his research at reputed conferences such as Black Hat USA, DEF CON, Nullcon, BSides chapters, x33fcon Poland, and NorthSec Canada, as well as at other corporate trainings.
CyberWarFare Labs: @cyberwarfarelab

Yash Bharadwaj is Co-Founder & CTO at CyberWarFare Labs with over 5.5 years of experience as a technologist. He is highly attentive towards finding, learning, and discovering new TTPs used during offensive engagements. His areas of interest include building red/blue team infrastructure, security controls internals, and pwning on-premise and multi-cloud infrastructure. He has previously delivered hands-on red/blue/purple team trainings, talks, and workshops at Black Hat, Nullcon, x33fcon, NorthSec, BSides chapters (US & Asia Pacific), OWASP chapters, CISO Platform, YASCON, and other private trainings.