All Dark Vortex trainings are led by Chetan Nayak. He strongly believes that in order to have a good understanding of information security, you need to have a good grasp on the fundaments of computer science. Its not only important to understand how things work, but also why things work, the way they work.
All the trainings conducted here, contain in-depth analysis of every attack/detection both from the defense and the offense perspective. You will be spending a lot of time on debuggers, wireshark and C/C++/Assembly to create hypothesis, validate the hypothesis and build your own tools/detections from every artefact found during the analysis.
Upcoming Workshops
Malware On Steroids
Slots Available:
- 2nd September 2024 - 5th September 2024 - 7 AM UK | 4 days | 6-7 hours per day (Interactive/Online) | 2500 US$
The MOS training program focuses on a brief introduction towards Windows Internals followed by a full hands-on course on building a Command & Control architecture and different types of payloads. A detailed information on the workshop can be found here.
Certificate Of Completion: Yes
Offensive Tool Development
Slots Available:
- TBA - 7 AM UK | 4 days | 6-7 hours per day (Interactive/Online)
The OTD training program is highly technical in nature which focuses on building a variety of tools for offensive tasks in C/C++ which support in-memory injection. This course will make heavy use of C/C++ programming and reversing with x64dbg/windbg. A detailed information on the workshop can be found here.
Certificate Of Completion: Yes
Red Team & Operation Security
Slots Available:
- TBA - 7 AM UK | 4 days | 6-7 hours per day (Interactive/Online)
The RTOS training program is designed to build the capabilities to simulate a modern adversary and configure your Command & Control architecture for Initial Access while using various techniques to hide in the shadows and move laterally to achieve the final objective of the Red Team. A detailed information on the workshop can be found here.
Certificate Of Completion: Yes
Please contact paranoidninja@0xdarkvortex.dev for registration inquiries.
I've taken a lot of training courses and can genuinely say that OTD/MOS were some of the very best. The content, delivery and relevancy were outstanding.
Eduardo Ribeiro
Principal Security Consultant | Red Teaming | Westpac Group
OTD (Offensive Tool Dev) was a very comprehensive and technical training, covering many aspects from the basics of Windows API programming to offensive repurposing of standard functionality. Also, the knowledge and experience of the teacher allowed him to answer many side questions related to technology and teach the latest offensive techniques. The practical part was excellent too, many programming tasks and provided code examples would allow many tools to be implemented and created at home. Thank you very much, Chetan.
Ruslan Sayfiev
Red Team Lead | Ierae Security
The course content was excellent, Chetan presented information relevant to any red teamer interested in developing their own C2, or in better understanding what the C2 they use is doing behind the scenes. The code samples are all practical and usable, and Chetan gave detailed answers to all questions asked, even if they weren't part of the course outline!
Scott Madison
Principal Security Consultant | Red Teaming | Westpac Group
I’m really happy with the course content and delivery of MOS and OTD. The online training was very interactive and engaging. Chetan was happy to teach numerous ways to manage windows memory protections, modify process internals, and evade common detection patterns. He went beyond the TOC in many cases extending the project files with live changes that not only taught us new/modern techniques but also an approach to debug issues with WinAPI and fix code. If you are looking for a training in C/C++ WinAPI to customise/improve your adversary simulation tradecraft.. look no further.
Ramnath Shenoy
Managing Security Consultant | Red Team | NCC Group
Chetan is a really good trainer and he takes up every question as a challenge. He taught us Malware reverse engineering in great detail by going walking us through every section in the process memory, performing memory dumps and extracting metadata to hunt malwares. The best part of the course was he not only taught us attacks, but also every possible detection artefacts for every attack technique he performed.
Anonymous Military Organization
Totally unique and very interactive sessions. Understanding the things in depth, at the lower level in the MOS and OTD training programs really helped me a lot in threat hunting. Chetan is a professional with an incredible knowledge of both offensive and defensive areas in Infosec. He makes sure to explain the concepts until you completely understand. Whenever there's a problem in code, he opens up the debugger and shows what exactly is happening. These training programs really helped me to get trained on new topics at a faster pace.
Madhukar Raina
Senior Threat Hunter | Securonix
Red Team TTPs Part 2: PUSH 0xPE, CALL 0xLOADER
Posted on 08 Oct 2020 by Paranoid Ninja
.blogPE or Portable executable is one of the most important topic that revolves around information security. Anything ranging from executing a process on windows, loading a DLL from disk, memory based reflective PE injections or even reflecting Dot Net Assemblies, all revolve around the P...
Tagged with: red-team blogs brute-ratel
Red Team TTPs Part 1: AMSI Evasion
Posted on 17 Jul 2019 by Paranoid Ninja
It’s been a while since I wrote my last blog-post. I wrote this post partially quite a while back, but then I joined as a Senior Red Team Consultant at Mandiant/Fireeye and its been a bumpy ride for me since I’ve been too busy with office projects as well as a personal project of mine for...
Windows Shellcoding x86 – Calling Functions in Kernel32.dll – Part 2
Posted on 01 Apr 2019 by Paranoid Ninja
In the previous part, we found the address of Kernel32.dll dynamically by walking through the LDR struct. In this part, we will be focusing on finding the address of the functions(known as DLL symbols) within the Kernel32.dll and calling them by supplying the arguments. One of the methods...
Tagged with: shellcoding blogs