Dive deep into cutting-edge techniques that bypass or neuter modern endpoint defenses. Learn how these solutions work in order to mitigate their utility and hide deep within code on the endpoint. The days of downloading that binary from GitHub and pointing it at a box are over. Today’s defenses oftentimes call for multiple bypasses within a single piece of code.
This course is designed to take you deep into defensive and offensive tooling – an apex attacker must know the indicators of compromise (IOCs) they’re creating and the artifacts they’re leaving behind.
Learn the IOCs and artifacts of using off-the-shelf tooling. Without understanding the defender’s capabilities, an attacker brings little value to a red team engagement.
WHO SHOULD TAKE THIS COURSE
Anybody who is deeply passionate about penetration testing and red teaming.
AUDIENCE SKILL LEVEL
None, but some background in .NET and modern red team TTPs will be helpful.
WHAT EACH STUDENT SHOULD BRING
High-speed Internet connection
WHAT STUDENTS WILL BE PROVIDED WITH
For the duration of the course, students will be given access to a private, fully immersive cloud cyber range hosted in SnapLabs. In addition to receiving course slides, students will receive hands-on training with commercial products, including the Cobalt Strike C2 platform. To keep this course industry-relevant and realistic, students will be developing bypasses for multiple EDR products. Due to the commercial software usage and AWS cloud costs in the course, we must charge an additional $100 fee for this training.
TRAINER & AUTHOR
His time in Army special operations and teaching at the NSA gives him a unique background for conducting full-scope offensive cyber operations. He has led penetration tests and red team engagements that include network, cloud, mobile, web app, and API technologies. He has authored and taught courses at DerbyCon and Calvin University. When he’s not hacking the planet, he’s spending time with his family or trail running.
During the last 10 years he has worked in the following roles: blue team lead, developer, senior penetration tester, and red team lead. Focused mostly on exploit development and offensive cyber operations, he has led red team engagements in highly complex Fortune 500 companies. He has worked hand-in-hand with Microsoft to increase kernel security for the Windows 10 operating system. He has led training at BlackHat and DerbyCon. When not pwning boxes, you can find him harvesting maple syrup or spending time with his family.
Tue, August 2, 2022 11:00 AM – 4:00 PM ET
Wed, August 3, 2022 12:00 PM – 4:00 PM ET
Thu, August 4, 2022 12:00 PM – 4:00 PM ET
Fri, August 5, 2022 12:00 PM – 4:00 PM ET