Instructor: Carrie Roberts
Course Length: 16 Hours
Format: Live Online or On-Demand
Includes: Twelve months of complimentary access to the Antisyphon Cyber Range, certificate of participation, six months access to class recordings.
Course Description
Attack Emulation tools help you measure, monitor, and improve your security controls by executing scripted attacks. Atomic Red Team is a community developed open-source library of these scripted attacks that are mapped directly to the MITRE ATT&CK Framework. There are several frameworks available for executing these scripted attacks including MITRE CALDERA and VECTR. This class will provide an overview of the MITRE ATT&CK framework and give you in-depth, hands-on knowledge of how to execute scripted attacks that exercise many of the techniques defined in MITRE ATT&CK. You will be provided with hands-on lab instructions for emulating a variety of attacks and creating visualizations using the MITRE ATT&CK Navigator. At the end of this class, you will have the knowledge and tools to begin executing simulated attacks within your own test environment, allowing you to create and validate detections in a script-able and consistent way.
An abundance of well documented labs with screenshots provided on the following topics:
Whether you are a student of information security or a seasoned network defender there is something to learn from getting involved in the Attack Emulation space and this course will help you do that.
Note: We do not write detections in this class.
Key Takeaways
- General understanding of PowerShell
- In-Depth knowledge of PowerShell execution logging options
- Understanding of PowerShell security features from both an offensive and defensive perspective
Who Should Take This Course
Anyone interested in hands-on learning about cyber-attacks including tools to emulate and report on them should take this course.
- Defenders and Blue Teamers
- Students interested in Information Security
- Penetration Testers and Red Teamers
- General Security Practitioners
Audience Skill Level
Entry level through advanced information security skills.
Student Requirements
General familiarity with the Windows and Linux operating systems.
System Requirements
- Stable Internet access
- x86 architecture CPU clocked at 2 GHz or higher that is capable of nested virtualization
(Apple Silicon is currently not supported) - A computer with at least 8 GB of RAM. 16 GB is recommended
- VMWare Workstation or VMWare Fusion
(VirtualBox and other VM software is not supported) - Windows 10/11, MacOSX+, or a currently supported Linux Distribution
- Full Administrator/root access to your computer or laptop
System should also have at least 50GB of available disk space.
About Antisyphon Training Options
Live Online
Learn via live stream from instructors that are in the field utilizing the techniques they teach. Classes are split into four training days that are each four hours long. Live Online training includes six months access to dedicated class channels in the Antisyphon Discord server, six months access to live class recordings, a certificate of participation, and 12 months complimentary access to the Antisyphon Cyber Range.
On-Demand
Learn at your own pace with access to course content, lectures, and demos in the Antisyphon On-demand learning platform. Most courses are offered with lifetime access to the course and content updates. All On-demand courses include content update alerts, access to dedicated support channels in the Antisyphon Discord server, a certificate of participation, and 12 months complimentary access to the Antisyphon Cyber Range.
Trainer & Author

Carrie Roberts is a programmer, turned pentester, turned red teamer, turned blueish purple. She is currently a Defense Engineer at Walmart. She loves to learn and give back to the community. She is one of the primary Atomic Red Team project maintainers and developers and has developed many of her own open-source tools. She holds master’s Degrees in both Computer Science and Information Security Engineering. She has earned 12 GIAC certifications including the prestigious “Security Expert” (GSE) certification. She has spoken at numerous security conferences including DerbyCon and Wild West Hackin’ Fest, published many blog posts on topics ranging from social engineering to bypassing anti-virus, and contributed new research on the VBA Stomping maldoc technique.
Live Training Events
There are no sessions of this course currently on our schedule.
Please keep an eye on the Live Training Calendar page for updates, or Contact Us for a private training session.