Mosse Cyber Security Red Teaming Master Class

Length

5 days

Price

$5000.00 (inc GST)

The Red Teaming Master Course focus is on advanced reconnaissance, target profiling and modelling, and exploitation of trust relationships techniques. Some of the tools and techniques covered in this course include, but are not limited to: Sieve, DLL side loading, Powershell, Process Hollowing, Autoint, WMI, attacking Kerberos, and abusing Windows Securable Objects.

 

Hardware Requirements:

  • The students are responsible for bringing their laptops to the course.
  • Internet is provided by the training provider.
  • Attendees will have to install a VPN client to connect to the security lab infrastructure.
  • Attendees are required to have an RDP client (installed by default on all Windows machines)

Student laptops must be running either OSX, Linux, or Windows and must have the ability to disable all antivirus, sniff traffic, adjust firewalls, etc.

Students must bring an RDP client to connect to our lab in the cloud.

 

Please be advised that this is a reseller course which is not held at DDLS. Students are expected to organise their own meals.

Skills Gained

 

The Master Course teaches students non-traditional techniques based on what advanced adversaries do, rather than compliance-based penetration testing.

Key Topics

Introduction 

  • Introducing the fundamentals
  • Introducing the mentality for Offensive Hacking Operations

 

Weaponization Software

  • The basics of MSF and why attackers don’t really use it
  • Attacker toolsets ◦How to steal exploits from metasploit, exploit packs, etc
    • Using eclipse and jdk-gui for customizing the exploit
    • Delivering the exploit and custom payloads
  • Rapid malware prototyping with other languages and platforms
    • Concepts of malware and capabilities
    • Learning Autoit
    • Developing some simple tools
  • Utilise Sieve (php web phishing tool)
  • Java exploitation techniques

 

Initial Exploitation

  • Real attacker versus penetration testers reconnaissance techniques
  • Web hacking techniques for Black Hats
  • Building tools to automate reconnaissance exercises
  • Using Powershell and Autoit to avoid detection

 

On Host

  • Undertaking reconnaissance on users registry and file systems
  • Introduction to Windows Securable Objects
  • Identifying securable object vulnerabilities for root
  • Finding assets on a network like a true attacker
  • Event log scraping
  • Bypassing anti-virus and next-gen enterprise security products
  • Powershell ISE 0day
  • DLL Side loading and building your own attack tools
  • Shadow Copy and Persistence ◦Utilising Microsoft Windows against itself for malware hiding

 

Lateral Movement

  • Abusing Single Sign On
  • Building your own mimikatz for evasion
  • Pass the Hash techniques without passing the hash
  • Binary obfuscation techniques
  • Mastering WMI + Powershell
    • WMI for code execution on remote hosts
    • Building your own WMI + Powershell toolkit
  • SSH manipulation for shells ◦The variety of ssh tunnels and how to use them for bypassing techniques
    • Bypassing modern day ssh protections with nothing but bash
    • Trojan keys
    • SSH Master mode and how to use it for remote code execution
    • Chaining Kerberos, NFS, SSH bypasses

 

Unix Network Exploitation

  • Conducting host-based reconnaissance on unix systems
  • Non memory corruption root
    • Abusing incorrect file permissions
    • Hacking Bash
  • Poormans rootkits
  • How to leverage NFS for exploitation
  • Kerberos hacking
    • Exploiting Kerberos from Bash
    • The K's (e.g. init and list)
    • Chaining Kerberos and NFS exploitation
Target Audience

Penetration Tester; IT Manager / IT Security Manager; Incident Responder; Digital Forensic Investigator; Security Analyst

Prerequisites

The supply of this course by ACTE Pty Ltd (trading as DDLS) is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.

Course Availability

Please call DDLS on 1800 U LEARN (1800 853 276) or register your interest below.

Pre-Course Requirements

DDLS offers this training through a third party. This arrangement requires DDLS to provide your details to our partner for course registration purposes.