Sensepost: Introduction To Red Teaming

2 Day u_short 16 CPE Hour Training: August 2020 * AUG 4,5,6

Leon Jacobs, SensePost

Abstract

If you want to transition your penetration testing into red teaming to better emulate real criminal hacking campaigns, and ultimately show real impact, then this course is for you.

It is sometimes said that penetration testers emulate other penetration testers rather than real bad guys, leaving organisations exposed to what they miss.

This course aims to change that. By leveraging our experience in red teaming and business-critical compromises, we've put together a course to teach you how to test your organisation like a real criminal would.

No equipment other than a laptop is needed, however, our lab environment serves as the perfect place to level-up your traditional pentesting experience.

SUGGESTED COMBO: Q DIVISION - HARDWARE TOOLS FOR CLOSE QUARTER HACKING

This course is the result of our 19 years of experience giving training and will advance your ability to understand and compromise organisational networks. We've taken our red teaming approaches and combined them with real-life attacks to give you a wild two days of hardcore hands on hacking.

This is a very hands on course, and some of the topics and practical exercises include:

  • Exploitation and gaining a foothold via phishing
  • Malware delivery vectors using real samples, loaders and developing AV bypasses
  • Privilege escalation and low noise persistence
  • Advanced usage of tools like Empire, Metasploit and Covenant
  • Dealing with different architectures and debugging "broken" tooling
  • Lateral movement and living off the land
  • Using the access you have to your advantage and challenging the myth of always needing administrator privileges
  • Understanding tools vs detection trade offs
  • Unusual C2s and hiding in plain sight (DNS, DNS over HTTPS, and Exchange based C2s)
  • Emulating real threats by targeting financial systems.

Who should take this course

Penetration testers, network administrators, red/blue teams, security professionals, and IT security enthusiasts who have a need to acquaint themselves with real-world offensive tactics, techniques and tools.

Student will be provided with

  • Access to our web class portal containing slides, practicals, walkthroughs and tools and prerequisites.
  • Access to your own individual lab with numerous targets and capabilities, used for the practicals.

System Requirements

Students should bring a laptop that is capable of running an OpenVPN client, an SSH client and a Remote Desktop client.