Applied Purple Teaming w/ Kent Ickler and Jordan Drysdale

Course Length: 16 Hours
Tuition: $575 per person

Includes: Twelve months of complimentary access to the Antisyphon Cyber Range, certificate of participation, six months access to class recordings.

Key Takeaways

• Build a continuously improving IT security lifecycle of responsible network administration.
• Understand and implement “Best Practice” Security configurations for Windows and Active Directory.
• Utilize Modern red team and hacker tactics to audit security posture.
• Kill the LLMNR, NTLM, and SMB Relay attack sequence.
• Understand current frameworks in use by attackers, script kiddies, and nation-state actors.
• Understand business impact and residual risk in balancing security.
• Ability to demonstrate command and control infrastructures and relative defense mechanisms.

Who Should Take This Course

People interested in learning how to red team to drive home the risks of failing to implement improved password policies. Anyone interested in understanding and executing an LLMNR and NTLM relay attack against open SMB services on a network should join us. Any analyst, sysadmin, or network architect looking to build a security team focused on continual improvement should take this course.

• IT System Administrators
• IT Security Management and Leadership
• Helpdesk Technicians and Analysts
• Network Engineers
• Defenders and BlueTeamers
• General security practitioners
• Penetration testers
• Network / Domain Architects

Audience Skill Level

Students should have nominal Windows / Linux / Mac operating knowledge. An ideal candidate is in a position to make lasting changes in a Windows Domain environment. A motivated student will be ready to deploy command and control infrastructure, infect Windows systems, escalate their privileges, and learn defensive strategies to kill these attack chains.

Student Requirements

• Exposure to Active Directory Access to an Azure Subscription for this lab environment
• Signing up is free and includes a $200 credit for 30 days: (Create Your Azure Free Account Today | Microsoft Azure)

What Each Student Should Bring

• Laptop
• Remote Desktop Protocol (RDP) Client

What Students Will Be Provided

• Digital Copy of Book
• Best Practice guides, cheat sheets, and syntax cards

Jordan was around for the inception of Napster and the explosion of P2P networks. This drove his fascination with network systems and led him toward a career in IT. Jordan’s first gig in the industry included supporting Latin American networking customers for Hewlett Packard’s network support division. After five years of support, engineering, training, and stress, Jordan became a wireless escalations team lead and multi-vendor certified problem solver. With kids in tow, Jordan headed back toward the Dakotas to be nearer extended family and friends where he learned Citrix, VMware, VDI, supported Cisco gear, implemented profile management solutions, deployed remote networks at scale, and ensured performance across infrastructure. Before becoming a penetration tester, Jordan supported multiple (50+) domains as part of an MSSP’s rock star team. For the last five years, Jordan has been a penetration tester with the Black Hills InfoSec team.

Kent started his Information Technology career working for an Internet Service Provider supporting the MidWest’s broadband initiatives of the early 2000s. His interest in technology and business operations drove his career into working for multiple Fortune 500 companies and equipping their organizational leadership with business analytical data that would support their technology initiatives. With an understanding of Information Technology, System Administration, Accounting, and Business Law, Kent has helped businesses leverage technology for competitive advantage while balancing the risks associated with today’s dynamic network environments. Kent has been with Black Hills Information Security for three years in security and administration roles.