In this training, we learn the fundamentals of DevOps and how we can code our tactics, techniques, and procedures (TTPs).

Today, to be an advanced and effective attacker, you need to move fast, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources, the days of manual setup are long behind us.

To conduct an advanced attack, you need more than just a collection of simple scripts. In addition to talent, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement, the more time we need. Time is something we don’t have a lot of on an engagement.

Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share.

In this class, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly, we will work through multiple labs and examples that you can take with you for your next engagement.

Key Takeaways

After having taken this course, students should have:

A thorough understanding of advanced attack infrastructure
A full methodology for building red team resources
Instructions and sample code on how to build out full attack infrastructure and how to integrate TTPs

Who Should Take This Course

Penetration testers
Red teamers
Ethical hackers
General security practitioners

Audience Skill Level

There is no particular skill level necessary to take this course.

Student Requirements

Students should have general Windows / UNIX command line skills in order to complete all of the hands-on labs.

What Each Student Should Bring

A credit card (You will be signing up for cloud service accounts such as Microsoft Azure and AWS. These services require a credit card for signing up.)
Before registering, please check that both Amazon AWS and Microsoft Azure services are available in your country. (Note that if you cannot sign up for these services you will not be able to participate in the labs)

x86-compatible or x64-compatible 2.0 GHz CPU minimum or higher
8 GB RAM or higher required
40 GB available hard drive space
Windows 10 (This training utilizes VMware Workstation Player to run two different VMs)

There are no scheduled live dates for this course at this time. Private training may be available.

On Demand Training

Train at your own pace with no set course schedule
Access to all course resources, including slides and VMs
Subject Matter Expert support through Discord
Tips, tools, and techniques that can be applied immediately upon returning to work
Strengthen your skills by solving challenges within the Antisyphon Cyber Range
Become part of a community driven to educate and share knowledge