Red Team & Operational Security


What To Expect

The Red Team & Operational Security course is designed to help the candidates build the capabilities to simulate a modern adversary. This course will take you through the different stages of an Attacker killchain. You will initially learn to build your own Attack Infrastructure Setup in AWS, Azure or GCP using various Open Source and Commercial Command & Control Systems. After configuring the C2, you will learn to hide your C2 with Domain fronting and Redirectors and modifying the C2 Artefacts such as hiding your stage artefacts and identifying Cloud based Sandboxes and learn to build different types of initial access implants in Word, Excel, HTA and MSI using Open Source Tools and building some part of the code in-house in order to avoid EDR and Network-based Detections.

After gaining the initial access, you will be given access to Active Directory Domain Enviornment Lab on the cloud where you will first execute your initial access implant and gain access to a host. From thereon, you will perform different types of local and Active Directory enumeration to further escalate your privileges to an Enterprise Administrator. These attacks will use but not limited to understanding the Active Directory environment, Kerberos, domain enumeration with open source tools, Brute Ratel post exploitation toolkit and LDAP Queries, exploiting domain service misconfigurations such as unconstrained and constrainged delegations, certificate abuse and more.

The below figure highlights the focus area of the training session.


Training Content

The total course duration are 3 days Online Interactive training sessions over Microsoft Teams. Virtual environments such as Active Directory Lab/C2 access/Domain access will be provided where necessary. A detailed information on the training content can be found here.


Certification

Dark Vortex provides Certificate Of Completion for every completed course. This certificate may be verified by contacting paranoidninja@0xdarkvortex.dev using the enrolment ID from the given certificate.


Prerequisites

The course is highly practical in nature and involves a lot of programming in C/C++, reverse engineering in windbg/x64dbg. Its important to have a good grasp of the below fundamentals before approaching the course.

  • Basic Understanding of operating system architecture
  • Basic Understanding of the Windows Active Directory environment
  • Fundamental knowledge of programming with C/C++
  • Familiarity with programming concepts (pointers, referenceses, addresses, data structures, threads, processes)
  • Strong will to learn and creative mindset.


System Requirements

During the course, we will be working with different virtual machines which will involve cloning, creating, and snapshots and several other hands-on exercises. A properly configured system is extremely important to fully utilize the benefits of the training session. We strongly request you to have fully configured system which meets the below requirements for the course. All the requirements mentioned below are either freely available or open source.

  • Windows 10
    • A laptop with atleast 16GB RAM to run a Kali/Ubuntu virtual machine.
    • VMware/VirtualBox installed
    • Good Internet Connectivity
    • Visual Studio with C/C++/C# packages installed
    • Visual Code/Editor of your choice
  • Kali Linux/Ubuntu 20.04 (Virtual Machine)
    • VS Code
    • Mingw-w64
    • Nasm
    • Wireshark

NOTE: Make sure you have a snapshot of each virtual machine before you start the class, just in case you have to revert everything back to stock if your Virtual Machine crashes during the training.


Course Fees

Red Team & Operational Security | 3 days (Interactive/Online)

At the end of the course, you will receive a Certificate of Completion and all the training materials including course PDFs/slides, content materials, source code for initial access payloads and a trial license of Brute Ratel C4.

$2500 USD

Inclusive of taxes and certification


We conduct live training sessions which are conducted remotely and do not contain pre-recorded videos. For enquiries on training programs or other services, reach us at paranoidninja@0xdarkvortex.dev