Most enterprises deal with misconfigured security controls in their infrastructure. It is well known that attackers have evaded, circumvented, and even abused these controls to gain access to critical assets. The training is designed for red teams, penetration testers, system administrators, and Blue Team members to understand different tactics, techniques, and attacks used by adversaries. The major portion includes identifying misconfigurations in controls, developing offensive tradecraft, and then stealthily evading those controls using the latest attack vectors.
Candidates will gain enough knowledge of enterprise-grade security controls and how they can be evaded on Host, Network, and Cloud synced devices. The class will go through various security controls, writing custom scripts in C#, abusing Windows internals/features and monitoring solutions, writing custom bypasses for evading host, network, and cloud security (EDR) controls, bypassing cross-forest restrictions in an Active Directory environment, etc. Training is focused on Windows & Linux platforms in order to better refine detection in an enterprise.
Training level: Intermediate; Basic
Apex threat actors with advanced capabilities, such as leveraging in-memory implants, writing custom code to evade AVs & EDR, moving laterally with custom-made tools, and evading host and network-level security solutions for stealthiness, are constantly consolidating their attack techniques (and tactics) against defensive teams. To strengthen enterprise-grade security, the training is designed for penetration testers, system administrators, and Blue Team members to understand different tactics, techniques, and attacks used by adversaries.
Day 1 (Introduction to Enterprise Security Controls)
Day 2 (Offensive C# Tradecraft, Windows API & Bypasses)
Day 3 (Abusing / Evading Security Controls - Feature Abuse)
Course material, including commands, slides, and an enterprise lab walk-through, plus 30 days of full lab access with technical support during and after the training class.
Manish Gupta is Director of CyberWarFare Labs in India, with 6.5+ years of expertise in Offensive Information Security. He specializes in Offensive Security and Red Teaming activities in enterprise environments. He is also a part-time Bug Bounty Hunter and CTF player. His research interests include Real World Cyber Attack Simulation and Advanced Persistent Threats (APT). Previously he has spoken at reputed conferences like Blackhat USA 19, DEFCON 19, Nullcon 2020, and BSIDES CT 20, where he showcased his red teaming toolkit "PivotSuite". He is currently working on developing an open-source Offensive Security Toolkit which helps Red Teamers / Penetration Testers. He will be delivering his next Offensive / Defensive Operations Cyber Security Trainings at Nullcon 21 (Sept 21) & in multiple corporate trainings.
Yash Bharadwaj works as a technical architect at CyberWarFare Labs. He is highly attentive towards finding, learning and discovering new TTPs used during offensive engagements. His areas of interest include (but are not limited to) building Red / Blue team infrastructure, evading AVs & EDRs, pwning Active Directory infrastructure, stealth enterprise networks & multi-cloud attacks. Previously he has delivered hands-on red team trainings at BSIDES Ahmedabad, OWASP Seasides 20, Red & Blue Team Training at BSIDES Delhi, OWASP APPSEC Indonesia 20, CISO Platform 20 & YASCON 21 & performed. He has trained at various international conferences (Nullcon 21, BSIDES Connecticut). You can reach out to him on Twitter @flopyash