Red Team Initial Access with Michael Allen

Getting a foothold is the first step in a successful breach—and due to modern defenses, it is often the most difficult.

This new course has been completely rebuilt from the ground up to reflect modern initial access methods that work in 2024!

Wild West Hackin’ Fest at Mile High (Feb 4th – Feb 5th, 2025) – Denver, CO

• February 4th – 8:30 AM to 5:00 PM MDT
• February 5th – 8:30 AM to 5:00 PM MDT

Key Takeaways

After completing this class, you will be able to:

• Perform rapid, attack-focused reconnaissance of a target organization
• Find and leverage data leaks on the internet
• Conduct effective credential stuffing and password guessing attacks
• Leverage multiple techniques to overcome multi-factor authentication (MFA)
• Execute social engineering attacks over conventional and unconventional channels
• Obtain access through illicit consent grant attacks (aka “Device Code” phishing)
• Execute Adversary-in-the-Middle attacks for credential theft and session hijacking
• Bypass endpoint defenses to achieve payload execution

You will also learn:

• How operating outside the “Cyber Kill Chain” minimizes detection and multiplies the chances of a successful attack
• How to properly vet attacks before execution, to ensure the maximum chance of success
• Targets that are impossible for organizations to defend or monitor
• Fundamental principles to maximize the effectiveness of social engineering attacks

Who Should Take This Course

• Anyone with an interest in cyber security
• Red teamers who are frustrated with traditional initial access attacks or who want to add more techniques to their toolbox
• Aspiring penetration testers and red teamers who want to quickly learn the latest and greatest attacks that we use on the job every day
• Blue teams and other defenders who want to understand how to defend modern cyber-attacks and how to easily test their own prevention and monitoring capabilities
• Managers of either offensive or defensive security teams, seeking to keep their technical knowledge up to date

Audience Skill Level

Basic familiarity with information security concepts is all that is required to follow along with the presentation and course material. Additional prerequisites required to complete the lab exercises are included in the “Student Requirements” and “System Requirements” sections. 

Student Requirements

The following prerequisites are recommended for students to successfully participate in and complete the lab exercises: 

•  Students should know how to install and run a VMware virtual machine on the computer they use for class

• A modern x64 computer with VMware Workstation Player, Workstation Pro, or Fusion virtualization software installed
• User permissions to install and run a Windows 11 x64 virtual machine in their virtualization platform. The following minimum hardware resources are required to run the virtual machine:
  • 70 GB of available hard disk space 
  • 8 GB of RAM 
• High-speed Internet sufficient for participating in a video conference/webinar
• A credit card – Students need to sign up for cloud service accounts such as Microsoft 365, Azure, and Amazon AWS. These services offer free trials, which can be used for the lab exercises, but a credit card is required for signing up
• A mobile phone – Students may need to receive SMS messages to complete signups for cloud service accounts. Students will also require a mobile phone for multi-factor authentication during the labs

If you are not sure if your computer meets the hardware or virtualization requirements noted above, you can test your computer before purchasing the class by downloading and installing Microsoft’s official VMware Windows 11 image at the following URL. If you can run this VMware virtual machine on your computer, you will also be able to run the virtual machine provided for class. 

• Note that the virtual machine available at the link below is not the same one you will be using in class. It is provided here only for testing your computer before purchasing the class
  • https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/